FFmpeg and Libav Multiple Remote Security Vulnerabilities
References:
alac: Do bounds checking of lpc_order read from the bitstream
(Martin Storsjö)
avidec: Make sure a packet is large enough before reading its data
(Martin Storsjö)
bfi: Avoid divisions by zero
(Martin Storsjö)
FFmpeg Homepage
(FFmpeg)
mvi: Add sanity checking for the audio frame size
(Martin Storsjö)
pcx: Check the packet size before assuming it fits a palette
(Martin Storsjö)
pcx: Consume the whole packet if giving up due to missing palette
(Martin Storsjö)
pngdec: Stop trying to decode once inflate returns Z_STREAM_END
(Martin Storsjö)
riffdec: Add sanity checks for the sample rate
(Martin Storsjö)
vqf: Make sure sample_rate is set to a valid value
(Martin Storsjö)
xwma: Avoid division by zero
(Martin Storsjö)
xxan: Disallow odd width
(Martin Storsjö)
Copyright 2010, SecurityFocus