Debian Security Advisory
DLA-457-1 mplayer -- LTS security update
- Date Reported:
- 04 May 2016
- Affected Packages:
- mplayer
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2016-4352.
- More information:
-
Mplayer is crashing when playing a fuzzed gif file. The gif demuxes assumes in many places that width*height is <= INT_MAX; this might not be true. Fixed by validating the picture size.
For Debian 7
Wheezy
, these issues have been fixed in mplayer version 2:1.0~rc4.dfsg1+svn34540-1+deb7u2