Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2011-4351

Published: 25 November 2011

Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute arbitrary code via unspecified vectors.

Notes

AuthorNote
mdeslaur 
ffmpeg-extra in multiverse needs to have matching version
libav-extra is built with tarball produced by libav package
This fixes NGS00144
As of 2011-12-22, libav is missing the last two commits, but
upstream says they aren't necessary.

Priority

Medium

Status

Package Release Status
ffmpeg
Launchpad, Ubuntu, Debian 		hardy Ignored
(end of life)
lucid
Released (4:0.5.1-1ubuntu1.3)
maverick
Released (4:0.6-2ubuntu6.3)
natty Does not exist

oneiric Does not exist

upstream Needs triage

Patches:
upstream: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=491eaf35ae1f9b619441314bec33766e31580184
upstream: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=291d74a46d32183653db07818c7b3407fd50a288
upstream: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=7d49f79f1cd47783a963a757a6563b9cac29db62
upstream: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=14db3af4f26dad8e6ddf2147e96ccc710952ad4d
upstream: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=895d258e9ba065d035dd30dbc622423031f0185c



ffmpeg-extra
Launchpad, Ubuntu, Debian 		hardy Does not exist

lucid
Released (4:0.5.1-1ubuntu1.3)
maverick
Released (4:0.6-2ubuntu3.3)
natty Does not exist

oneiric Does not exist

upstream Needs triage

libav
Launchpad, Ubuntu, Debian 		hardy Does not exist

lucid Does not exist

maverick Does not exist

natty
Released (4:0.6.4-0ubuntu0.11.04.1)
oneiric
Released (4:0.7.3-0ubuntu0.11.10.1)
upstream
Released (0.7.3)
Patches:





upstream: http://git.libav.org/?p=libav.git;a=commit;h=5a19acb17ceb71657b0eec51dac651953520e5c8
upstream: http://git.libav.org/?p=libav.git;a=commit;h=291d74a46d32183653db07818c7b3407fd50a288
upstream: http://git.libav.org/?p=libav.git;a=commit;h=7d49f79f1cd47783a963a757a6563b9cac29db62
libav-extra
Launchpad, Ubuntu, Debian 		hardy Does not exist

lucid Does not exist

maverick Does not exist

natty
Released (4:0.6.4-1ubuntu1)
oneiric
Released (4:0.7.3ubuntu0.11.10.1)
upstream Needs triage

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading