Date: Sat, 17 Sep 2016 12:50:41 +0200 From: Agostino Sarubbo <ago@...too.org> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: Re: Re: libav: NULL pointer dereference in put_no_rnd_pixels8_xy2_mmx (rnd_template.c) On Friday 16 September 2016 21:49:19 cve-assign@...re.org wrote: > >> mpegvideo_motion: Handle edge emulation even without unrestricted_mv > >> > >> Fix out of bounds read. > >> > >> libavcodec/mpegvideo_motion.c > > Use CVE-2016-7424. I would like to mention that the upstream git commit is wrong. This issue is a NULL pointer access and not an out-of-bounds I already pinged an upstream developer to notify the discrepancy but I guess that their git does not allow to edit the message for the commit already pushed. -- Agostino Sarubbo Gentoo Linux Developer
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ