[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SECURITY] [DSA 4502-1] ffmpeg security update

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [SECURITY] [DSA 4502-1] ffmpeg security update
From: Moritz Muehlenhoff <jmm@xxxxxxxxxx>
Date: Fri, 16 Aug 2019 20:38:40 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4502-1                   security@xxxxxxxxxx
https://www.debian.org/security/                       Moritz Muehlenhoff
August 16, 2019                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ffmpeg
CVE ID         : CVE-2019-12730

Several vulnerabilities have been discovered in the FFmpeg multimedia
framework, which could result in denial of service or potentially the
execution of arbitrary code if malformed files/streams are processed.

For the stable distribution (buster), this problem has been fixed in
version 7:4.1.4-1~deb10u1.

We recommend that you upgrade your ffmpeg packages.

For the detailed security status of ffmpeg please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ffmpeg

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl1XE8QACgkQEMKTtsN8
TjY4Kw/9GjbvVYKZzzgmlwmwVxMm9T6hVrQky5tqIlmYINyeosFfctP3TV1h21XQ
YJIL9MGQymaq6Je1VSM4Q32CTELNNHbiDKE1ZeBqMjB3cz8ZDMWtN+rO7UuIo8Mb
RlGTax4voLEeEy27gzzs6P5gjyfE0HP41W0958jphQuBfpO8ptgJDvkta1QRyCXj
IDFWP0CYP5Ko2kEzJ9LRaHVAR4Tdxd6slV6Y9NFuAu4nvDjfsXya1RQcL22be3Lz
dW5LMMP3LiLgsq3SySAH4t1GRt5AmLVaEKJouPUf0JJq9wJO9+SKYlLeiGj2fxoP
s7IWSJCxh0eLKiUsncMoQYbRdi3TdmdbUYr1TBseGXal8cDGIOrMxKvLj3UfyPsC
ocV4uBi/h8mY6n2vQHBlh5LjTrJdMOHvJBgBg6mLoBUYq0MUejAuc3kFXKxj9tk7
6S0dVD84aGFmHCArlzYrY8KNqSdVUcRmTlXQ97Q448pT6M3qMoDkk8GLgbcp9OsP
I9WFrKj/0GP7xgKYi52+ye1coiKf3IjHp/N4M6DEpn/9JQAKfOdOujn+vqlmqzTK
k26lFYzkQk6G8uU8bXBrT7bnjVuIS2FmykjjmfhS6qqeLEe8e3FjtF5J3W0RuJD7
KGND+fiwGnIxNp8Kc4bz25QHy94aTWhM+8UDmL7ygCuND010hME=
=kZit
-----END PGP SIGNATURE-----

Prev by Date: Details about recent GNU patch vulnerabilities
Next by Date: [SECURITY] [DSA 4503-1] golang-1.11 security update
Previous by thread: Details about recent GNU patch vulnerabilities
Next by thread: [SECURITY] [DSA 4503-1] golang-1.11 security update
Index(es):
- Date
- Thread