[FFmpeg-user] FFmpeg Vulnerable to Denial-of-Service (DoS) via Heap-Based Buffer Overflow in 'cbs_jpeg.c' File
Carl Zwanzig
cpz at tuunq.com
Fri May 15 19:04:08 EEST 2020
On 5/15/2020 2:00 AM, Moritz Barsnick wrote:
> On Fri, May 15, 2020 at 08:28:03 +0000, FFmpeg user discussions wrote:
>> Would like to understand, any plan to fix the to the
>> https://nvd.nist.gov/vuln/detail/CVE-2020-12284 (FFmpeg Vulnerable to
>> Denial-of-Service (DoS) via Heap-Based Buffer Overflow in
>> 'cbs_jpeg.c' File)
> This is a user and not a development list,[...]
Making it a perfect place to post something that might affect a user, like a
DOS vector.
(Why would vulnerabilities only be of interest to developers? It seems like
half the time "we" tell people to build from source, anyway. And please
don't suggest that the interest is limited to a small group of readers- much
of what people ask about here seems limited to a small group. And unless
someone gets their nose out of joint for a day or two, ffmpeg-users really
is a low traffic list; usually then more time is spent arguing about the
list than on technical matters.)
Later,
z!
More information about the ffmpeg-user
mailing list