CVE-2011-2162

Note

ffmpeg-extra in multiverse needs to have matching version
this CVE likely originates from the Mandriva update announcement
here: http://lwn.net/Alerts/436853/
they have three patches from google:
ffmpeg-mov_dref_looping.patch:
http://git.videolan.org/?p=ffmpeg.git;a=commit;f=libavformat/mov.c;h=0e7d436d924a42ef6e8ab628a1f10d72801d1395
not security - see thread here:
http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/2010-March/094630.html
ffmpeg-mp3_outlen.patch:
http://src.chromium.org/viewvc/chrome/trunk/deps/third_party/ffmpeg/patches/to_upstream/31_mp3_outlen.patch?revision=25031&view=markup&pathrev=28635
http://git.libav.org/?p=libav.git;a=commit;f=libavcodec/mpegaudiodec.c;h=45a014d75efd043aa432b87869f898e552cbbb75
all releases have this commit already
ffmpeg-vorbis_zero_samplerate.patch:
http://src.chromium.org/viewvc/chrome/trunk/deps/third_party/ffmpeg/patches/to_upstream/41_vorbis_zero_samplerate.patch?revision=25230&view=markup&pathrev=28635
SIGFPE = not security
http://git.libav.org/?p=libav.git;a=commit;f=libavformat/oggparsevorbis.c;h=ce20edb7bd6c1768ef5f4d181d7ba27a0e7945bd
Marking as ignored

Package	Release	Status
ffmpeg Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	hardy	Ignored (end of life)
	lucid	Ignored
	maverick	Ignored
	natty	Does not exist
	upstream	Needs triage
ffmpeg-extra Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Does not exist
	lucid	Ignored
	maverick	Ignored
	natty	Does not exist
	upstream	Needs triage
libav Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Does not exist
	lucid	Does not exist
	maverick	Does not exist
	natty	Ignored
	upstream	Needs triage
libav-extra Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Does not exist
	lucid	Does not exist
	maverick	Does not exist
	natty	Ignored
	upstream	Needs triage

CVE-2011-2162

Notes

Priority

Status

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading