Debian Security Advisory DSA 2000-1 (ffmpeg-debian)

The remote host is missing an update to ffmpeg-debian announced via advisory DSA 2000-1.

Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder, which also provides a range of multimedia libraries used in applications like MPlayer: Various programming errors in container and codec implementations may lead to denial of service or the execution of arbitrary code if the user is tricked into opening a malformed media file or stream. Affected and updated have been the implementations of the following codecs and container formats: - - the Vorbis audio codec - - the Ogg container implementation - - the FF Video 1 codec - - the MPEG audio codec - - the H264 video codec - - the MOV container implementation - - the Oggedc container implementation For the stable distribution (lenny), these problems have been fixed in version 0.svn20080206-18+lenny1. For the unstable distribution (sid), these problems have been fixed in version 4:0.5+svn20090706-5. We recommend that you upgrade your ffmpeg packages.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202000-1