==========================================================Ubuntu Security Notice USN-230-1 December 14, 2005
A security issue affects the following Ubuntu releases:
Ubuntu 5.04 (Hoary Hedgehog)
The following packages are affected:
The problem can be corrected by upgrading the affected package to
version 3:0.cvs20050121-1ubuntu1.1 (libavcodec-dev), and
0.75-6ubuntu0.1 (kino). In general, a standard system upgrade is
sufficient to effect the necessary changes.
Simon Kilvington discovered a buffer overflow in the
avcodec_default_get_buffer() function of the ffmpeg library. By
tricking an user into opening a malicious movie which contains
specially crafted PNG images, this could be exploited to execute
arbitrary code with the user's privileges.