In association with heise online

30 May 2009, 12:37

Security update for Xvid

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The Xvid developers have released version 1.2.2 of their MPEG-4 codec to fix three security-related issues. One of the flaws reportedly prevents a function of the xvidcore library from checking the resync marker range correctly.

In its short announcement, Xvid Solutions do not mention whether the flaws can be exploited for injecting code via specially crafted videos. However, the developers highly recommend that users update. The update also offers various minor improvements, for example more precision for RGB-to-YUV colour conversions.

The source code of the new version 1.2.2 is available in the download area. No pre-compiled versions have been released so far.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit