Open Source FFmpeg Project Gets Security Updates


Version 0.7.8 and 0.8.7 of the open source FFmpeg solution were recently released.

"The updates correct issues that could be exploited by an attacker to cause a denial-of-service (DoS) condition or potentially compromise an application that uses FFmpeg -- well known open source software that uses the library collection includes the VLC Media Player, MPlayer and Perian," The H Security reports.

"The vulnerabilities addressed in the update include errors in the QDM2 decoder and 'vp3_dequant()' function that could be used to trigger a buffer overflow, as well as a problem in a number of functions that could lead to out-of-bounds reads," the article states.

Go to "FFmpeg updates fix security bugs" to read the details.

For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.