[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE request rtmpdump: the 6 vulnerabilities have been fixed
From: limingxing <limingxing () 360 ! cn>
Date: 2015-12-30 2:28:26
Message-ID: 3626D6E697A150459C44C0E5D8D8D00E0DBD28AA () EX02 ! corp ! qihoo ! net
[Download RAW message or body]
Hello,
CVE request rtmpdump: the 6 vulnerabilities have been fixed by Howard Chu a few days ago!
These vulnerabilities affect latest version of ubuntu kylin by the smplayer!
Thank you !
The git(git://git.ffmpeg.org/rtmpdump)log is:
commit fa8646daeb19dfd12c181f7d19de708d623704c0
Author: Howard Chu <hyc@highlandsun.com>
Date: Wed Dec 23 18:58:50 2015 +0000
Fix issue 6-7/7 from LMX of Qihoo 360 Codesafe Team
Additional decode input size checks
commit 07c10ae612bf5c2dbea594dcbd4da85c54dba1e4
Author: Howard Chu <hyc@highlandsun.com>
Date: Wed Dec 23 18:28:13 2015 +0000
Fix issue 5/7 from LMX of Qihoo 360 Codesafe Team
Ignore zero-length packets
commit 7c68ad18f4296911114470bb4caaa673d55c8447
Author: Howard Chu <hyc@highlandsun.com>
Date: Wed Dec 23 18:10:15 2015 +0000
Fix issue 4/7 from LMX of Qihoo 360 Codesafe Team
Potential integer overflow in RTMPPacket_Alloc().
commit f3042b5bb7dcb42eda32ad9dd88029b24a2c282b
Author: Howard Chu <hyc@highlandsun.com>
Date: Wed Dec 23 17:53:34 2015 +0000
Fix issue 2/7 from LMX of Qihoo 360 Codesafe Team
Obsolete RTMPPacket_Free() call left over from original C++ to C rewrite
commit 71fe4f2435beaccca046dad3905840615b76b085
Author: Howard Chu <hyc@highlandsun.com>
Date: Wed Dec 23 17:51:39 2015 +0000
Fix issue 1/7 from LMX of Qihoo 360 Codesafe Team
AMFProp_GetObject must make sure the prop is actually an object=
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic