[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 457-1] mplayer security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : mplayer
Version        : 2:1.0~rc4.dfsg1+svn34540-1+deb7u2
CVE ID         : CVE-2016-4352

Mplayer is crashing when playing a fuzzed gif file. The gif demuxes
assumes in many places that width*height is <= INT_MAX; this might
not be true. Fixed by validating the picture size.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJXKmDhXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHKJUQAKqa0Gsb2K1zRZs2gfuxrGr7
ioIpppE2tSpdv81FZpW79CGSJL2Id4/jdYIUXgVep+RdUehznQuevsalkGXP4RNx
C6yyB70rQ83pNO9kQ81F9muzFjns2zrVPA72oov+bXqBQlmlhMXH8R91Vc8brB/2
UAyMP7PQ9piaT/8VZfcXNnWE1EWvsa13uf7lB24XWVV88wyOKy2Sw469uAC0JEqF
IuE8TvmPjK1RwBCaGHJO4UrNO3owJUm91XiG8SXl3K/ik+5lJEE3bPBBkxygikpA
DmMpDXmB1g7iMlSf9hpS5gdpiNWeHD+5ZBz6H04VpL3g7GrqykzJf3sbiNT6ssjQ
vSLLGSCAn6jSZ3tuIrSOXjdIFnPf7e/vX1aZ3WjQ6i8JK7ca4TFaRRBiS5spflFo
hBAeOuzXgESlrP2GultUrOFcdmvwrnrkDVPpTFez8tMP9RUi2GelqL0itAyQhWcO
f4nNBACc1lNHhxjSEi2Icy2Weu6IEZy4o07VquwfLU8iYf5/RqH8UoE2AqEyvkrF
QCiErzFdFpbPgloIevAFKEPh/oI2TSB+DBb9XpZ0NNhwvZVOpDM1JsDqEJjYrvt2
KeGRZtVur/rN5nuPVyP6+YyhsN6FdlzFjre5+cLsmSwuLVMCVPrYEQhaU8OzmZ1S
sveSSWJidJJBKROTUcns
=zsUn
-----END PGP SIGNATURE-----


Reply to: