Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 21 Aug 2013 02:25:48 +0200
From: Michael Niedermayer <>
To: Open Source Security <>
Subject: CVE Request: FFmpeg 2.0.1 multiple problems


Id like to request CVE(s) for FFmpeg 2.0.1, for the changes below:
Out of array (on heap) write
Found-by: wm4
testcase and valgrind output on bugtracker above
Out of array (on heap) write
Found-by: Piotr Bandurski <>
Found-by: Laurent Butti <>
Wrong return code that could lead to NULL+offset to be written to after memory
allocation failure

Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

There will always be a question for which you do not know the correct answer.

Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.