ffmpeg: buffer overflow and out of array access (CVE-2014-5271 CVE-2014-5272)
Two upstream fixes were issued in the ffmpeg master branch. The commits are availible in the upstream.
proresenc_kostya: report buffer overflow:
If the allocated size, despite best efforts, is too small, exit with the appropriate error.
avcodec/iff: check pixfmt for rgb8 / rgbn:
Fixes out of array access.
Found-by: Piotr Bandurski <email@example.com>
(from redmine: issue id 3314, created on 2014-08-27, closed on 2014-09-05)