Bug#872517: ffmpeg: CVE-2017-7206: heap-based buffer over-read in embed libav

Package: ffmpeg X-Debbugs-CC: t...@security.debian.org secure-testing- t...@lists.alioth.debian.org Severity: grave Tags: security Hi, the following vulnerability was published for libav (which is embed in ffmpeg). CVE-2017-7206[0]: | The ff_h2645_extract_rbsp function in libavcodec in libav 9.

Bug#624666: vlc: security update breaks mp3 support

On Saturday 30 April 2011, Adam D. Barratt wrote: > As this regression was apparently caused by a security update Thanks for the report. Indeed, the CVE-2010-1441 fix was included in DSA 2211-1. I'm not sure about the proceed in these cases. As front-desk, I opened the ticket 3143 in queue 'Sec

Bug#611495: [CVE-2010-4705] [CVE-2010-4704] integer overflow in Vorbis decoder

Package: ffmpeg Severity: important Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for ffmpeg. Patches are provided in the CVE notes. CVE-2010-4704[0]: | libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and | earlier allows remote a

Bug#610550: [CVE-2011-0480] memory corruptions in the ffmpeg Vorbis codec

Package: ffmpeg Severity: important Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for ffmpeg. CVE-2011-0480[0]: | Multiple buffer overflows in the Vorbis decoder in Google Chrome | before 8.0.552.237 and Chrome OS before 8.0.552.344 allow remote