A vulnerability was discovered and corrected in ffmpeg:
MPlayer allows remote attackers to cause a denial of service
(application crash) via (1) a malformed AAC file, as demonstrated
by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as
demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718
Packages for 2008.0 are being provided due to extended support for
This update provides a solution to this vulnerability.