[3.6] ffmpeg: heap overflows (CVE-2017-5024, CVE-2017-5025)
CVE-2017-5024 (arbitrary code execution)
A heap overflow flaw was found in FFmpeg < 3.2.4.
CVE-2017-5025 (arbitrary code execution)
A heap overflow flaw was found in FFmpeg < 3.2.4.
References:
https://ffmpeg.org/security.html
(from redmine: issue id 6869, created on 2017-02-16, closed on 2017-09-05)
- Relations:
- parent #6868 (closed)
- Changesets:
- Revision 388c5ed7 by Sergei Lukin on 2017-02-16T13:30:32Z:
main/ffmpeg: security upgrade to 3.2.4 - fixes #6869
CVE-2017-5024 (arbitrary code execution)
CVE-2017-5025 (arbitrary code execution)