Bug#694483: CVEs: CVE-2012-2882 CVE-2012-5359 CVE-2012-5360 CVE-2012-5361
Reinhard Tartler
siretart at gmail.com
Thu Jan 3 17:26:59 UTC 2013
tags 694483 moreinfo
stop
Hi Arne,
Thanks for caring about security in libav. Sorry for the delay. I
tried hard to gather additional information about these issues, but
was not successful.
On Mon, Nov 26, 2012 at 8:30 PM, Arne Wichmann <aw at linux.de> wrote:
> I have here another series of CVEs for ffmpeg/libav:
>
> CVE-2012-2882
Libav's ogg decoder is a bit different to the one in FFmpeg. Can you
please provide a testfile so that we can test if this issue affects
Libav at all?
> CVE-2012-5359
> CVE-2012-5360
> CVE-2012-5361
>
> For the last 3 http://technet.microsoft.com/en-us/security/msvr/msvr12-017
> claims that they are fixed in ffmpeg 0.11, but the available information on
> all of them is a bit thin.
Sorry, without proper information what's going on here, there is
nothing that we can do about this. Again, please provide a sample that
demonstrates the issue.
--
regards,
Reinhard
More information about the pkg-multimedia-maintainers
mailing list