FS#40994 : [ffmpeg] CVE-2014-4610 integer overflow / remote code execution via bundled lzo implementation

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#40994 - [ffmpeg] CVE-2014-4610 integer overflow / remote code execution via bundled lzo implementation

Attached to Project: Arch Linux
Opened by Daniel Micay (thestinger) - Friday, 27 June 2014, 03:30 GMT
Last edited by Bartłomiej Piotrowski (Barthalion) - Friday, 27 June 2014, 18:52 GMT

Task Type	Bug Report
Category	Packages: Extra
Status	Closed
Assigned To	No-one
Architecture	All
Severity	Critical
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

http://www.openwall.com/lists/oss-security/2014/06/26/23

Background: http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html

This task depends upon

Closed by Bartłomiej Piotrowski (Barthalion)
Friday, 27 June 2014, 18:52 GMT
Reason for closing: Not a bug
Additional comments about closing: already fixed in 2.2.4

Comments (0)
Related Tasks (0/0)

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

Arch Linux

FS#40994 - [ffmpeg] CVE-2014-4610 integer overflow / remote code execution via bundled lzo implementation

Details

Loading...