Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 26 Nov 2013 15:01:11 +0100
From: Michael Niedermayer <>
To: Open Source Security <>
Subject: CVE Request: FFmpeg 2.1 multiple problems


Id like to request CVE(s) for FFmpeg 2.1, for the changes below:
    fixes a deadlock in h264 decoding
    Fixes out of array (on heap) writes in rpza decoding
    avcodec/dsputil: fix signedness in sizeof() comparissions leading
    to interger overflow and out of array accesses
    Fixes out of array (on heap) writes in ffv1 decoding
    Found-by: ami_stuff
    Fixes out of array write in jpeg2000 decoding
    Found-by: ami_stuff
    Fix order of align and pixel size multiplication.
    Fixes out of array accesses in g2m4
    Found-by: ami_stuff
    avcodec/pngdsp: fix (un)signed type in end comparission
    Fixes out of array writes in png decoding
    Found_by: ami_stuff
    avcodec/flashsv: check diff_start/height
    Fixes out of array accesses
    Found-by: ami_stuff
    Check cdx/y values more carefully
    Fixes out of array accesses in jpeg2000 decoding
    Found-by: Piotr Bandurski <>
    fix dereferencing invalid pointers in jpeg2000 decoding
    Found-by: Laurent Butti <>
    jpeg2000: check log2_cblk dimensions
    Fixes out of array access
    Found-by: Piotr Bandurski <>
    avcodec/jpeg2000dec: fix context consistency with too large lowres
    Fixes out of array accesses in jpeg2000 decoding
    ffv1dec: Check bits_per_raw_sample and colorspace for equality in ver 0/1 headers
    prevents inconsistency and out of array write
    avfilter/vf_fps: make sure the fifo is not empty before using it
    fixes double free in the fps filter
    fixes out of array access in g2m4
    Found-by: ami_stuff
    out of array write (on heap) in case of realloc failure
    avcodec/jpeg2000dec: prevent out of array accesses in pixel addressing

Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

When the tyrant has disposed of foreign enemies by conquest or treaty, and
there is nothing more to fear from them, then he is always stirring up
some war or other, in order that the people may require a leader. -- Plato

Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.