Commit a3377806 authored by Thomas Zander's avatar Thomas Zander
Browse files

MFH: r359687

Add vuln entries for mplayer and mencoder for CVE-2014-4610
(integer overflow in ffmpeg's lzo code)

Approved by:	portmgr(miwi), mentors (implicit)
parent 07dc148d
......@@ -51,6 +51,60 @@ Note: Please add new entries to the beginning of this file.
 
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
<vuln vid="17dfd984-feba-11e3-b938-5404a68ad561">
<topic>mencoder -- potential buffer overrun when processing malicious lzo compressed input</topic>
<affects>
<package>
<name>mencoder</name>
<range><lt>1.1.r20140418_1</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Michael Niedermayer and Luca Barbato report in upstream ffmpeg:</p>
<blockquote>
<p>avutil/lzo: Fix integer overflow</p>
</blockquote>
</body>
</description>
<references>
<url>http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ccda51b14c0fcae2fad73a24872dce75a7964996</url>
<url>http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6af26c55c1ea30f85a7d9edbc373f53be1743ee</url>
<cvename>CVE-2014-4610</cvename>
</references>
<dates>
<discovery>2014-06-24</discovery>
<entry>2014-06-28</entry>
</dates>
</vuln>
<vuln vid="9ab3a22c-feb8-11e3-b938-5404a68ad561">
<topic>mplayer -- potential buffer overrun when processing malicious lzo compressed input</topic>
<affects>
<package>
<name>mplayer</name>
<range><lt>1.1.r20140418_3</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Michael Niedermayer and Luca Barbato report in upstream ffmpeg:</p>
<blockquote>
<p>avutil/lzo: Fix integer overflow</p>
</blockquote>
</body>
</description>
<references>
<url>http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ccda51b14c0fcae2fad73a24872dce75a7964996</url>
<url>http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6af26c55c1ea30f85a7d9edbc373f53be1743ee</url>
<cvename>CVE-2014-4610</cvename>
</references>
<dates>
<discovery>2014-06-24</discovery>
<entry>2014-06-28</entry>
</dates>
</vuln>
<vuln vid="52bbc7e8-f13c-11e3-bc09-bcaec565249c">
<topic>dbus -- local DoS</topic>
<affects>
......@@ -982,6 +1036,7 @@ Note: Please add new entries to the beginning of this file.
<modified>2014-04-24</modified>
</dates>
</vuln>
<vuln vid="5631ae98-be9e-11e3-b5e3-c80aa9043978">
<topic>OpenSSL -- Multiple vulnerabilities - private data exposure</topic>
<affects>
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment