Debian Security Advisory DSA 1781-1 (ffmpeg-debian)

The remote host is missing an update to ffmpeg-debian announced via advisory DSA 1781-1.

Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0385 It was discovered that watching a malformed 4X movie file could lead to the execution of arbitrary code. CVE-2008-3162 It was discovered that using a crafted STR file can lead to the execution of arbitrary code. For the oldstable distribution (etch), these problems have been fixed in version 0.cvs20060823-8+etch1. For the stable distribution (lenny), these problems have been fixed in version 0.svn20080206-17+lenny1. For the testing distribution (squeeze) and the unstable distribution (sid), these problems have been fixed in version 0.svn20080206-16. We recommend that you upgrade your ffmpeg-debian packages.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201781-1