Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder, which also provides a range of multimedia libraries used in applications like MPlayer: Various programming errors in container and codec implementations may lead to denial of service or the execution of arbitrary code if the user is tricked into opening a malformed media file or stream. The implementations of the following affected codecs and container formats have been updated: the Vorbis audio codec the Ogg container implementation the FF Video 1 codec the MPEG audio codec the H264 video codec the MOV container implementation the Oggedc container implementation For the stable distribution (lenny), these problems have been fixed in version 0.svn20080206-18+lenny1. For the unstable distribution (sid), these problems have been fixed in version 4:0.5+svn20090706-5. We recommend that you upgrade your ffmpeg packages.
Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder, which also provides a range of multimedia libraries used in applications like MPlayer:
Various programming errors in container and codec implementations may lead to denial of service or the execution of arbitrary code if the user is tricked into opening a malformed media file or stream.
The implementations of the following affected codecs and container formats have been updated:
For the stable distribution (lenny), these problems have been fixed in version 0.svn20080206-18+lenny1.
For the unstable distribution (sid), these problems have been fixed in version 4:0.5+svn20090706-5.
We recommend that you upgrade your ffmpeg packages.
MD5 checksums of the listed files are available in the original advisory.