Libav: Multiple vulnerabilities Multiple vulnerabilities have been found in Libav, allowing attackers to execute arbitrary code or cause Denial of Service. libav 2012-10-20 2012-10-20 408555 422537 remote 0.8.3 0.8.3

Libav is a complete solution to record, convert and stream audio and video.

Multiple vulnerabilities have been discovered in Libav. Please review the CVE identifiers referenced below for details.

A remote attacker could entice a user to open a specially crafted media file in an application linked against Libav, possibly resulting in execution of arbitrary code with the privileges of the application or a Denial of Service condition.

There is no known workaround at this time.

All Libav users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=media-video/libav-0.8.3" CVE-2011-3929 CVE-2011-3936 CVE-2011-3937 CVE-2011-3937 CVE-2011-3940 CVE-2011-3945 CVE-2011-3947 CVE-2011-3951 CVE-2011-3952 CVE-2012-0848 CVE-2012-0851 CVE-2012-0852 CVE-2012-0853 CVE-2012-0858 CVE-2012-0947 ackle ackle