[FFmpeg-user] FFmpeg Vulnerable to Denial-of-Service (DoS) via Heap-Based Buffer Overflow in 'cbs_jpeg.c' File
Moritz Barsnick
barsnick at gmx.net
Fri May 15 12:00:16 EEST 2020
On Fri, May 15, 2020 at 08:28:03 +0000, FFmpeg user discussions wrote:
> Would like to understand, any plan to fix the to the
> https://nvd.nist.gov/vuln/detail/CVE-2020-12284 (FFmpeg Vulnerable to
> Denial-of-Service (DoS) via Heap-Based Buffer Overflow in
> 'cbs_jpeg.c' File)
This is a user and not a development list, but, that said:
A fix is already on the master branch[*], and will most likely be
backported to the coming release 4.2.3, together with many other fixes.
Cheers,
Moritz
[*] https://github.com/FFmpeg/FFmpeg/commit/1812352d767ccf5431aa440123e2e260a4db2726#diff-3f792992b631e77d4a71869346eac832
More information about the ffmpeg-user
mailing list