• [SECURITY] [DSA 4998-1] ffmpeg security update

    From Moritz Muehlenhoff@21:1/5 to All on Sun Oct 31 17:50:01 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4998-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 31, 2021 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : ffmpeg
    CVE ID : CVE-2020-20446 CVE-2020-20450 CVE-2020-20453 CVE-2020-22037
    CVE-2020-22042 CVE-2021-38114 CVE-2021-38171 CVE-2021-38291
    CVE-2020-21697 CVE-2020-21688 CVE-2020-20445

    Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the
    execution of arbitrary code if malformed files/streams are processed.

    For the stable distribution (bullseye), these problems have been fixed in version 7:4.3.3-0+deb11u1.

    We recommend that you upgrade your ffmpeg packages.

    For the detailed security status of ffmpeg please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/ffmpeg

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmF+xfUACgkQEMKTtsN8 TjY1Bw//YNL74vqBdoTiiNfHPW7S5zcKB+YkWMRT+t9gyITOkASzZ5k3MvRJUgOr U1+QK507XvyGeKvRcRaT5P0se9KtmTWPGB9zn7yfv+1RWbtv6ffpwLspLMzAITLr aXffbCuqF/E0J6THgJBWYMaIti4FNVdcQ/WdaS0Lz4bGkkS6f3wvJV1QbivLA0JI QXKxB6JSET6sLSyVsKA1r9/w4QeIZ5GNfxxdDIaZUOIwpUkyfFJLBLeXLmnqJ1Cw yiz/tCF4TPuH68tDEZqmmEZIKPCyJPBuXWbqGOIYB8ld1EDXuy3eXLSxhOz/kAoO uWFph4VKpkfDXLWBAE7M+Ots2ZM7sT5KTwWz5T/K9RL9hFA6V0AWiVCfhLw/Yz+A 4H3rB/B2G93ea4Y9CTLR75xKKIapK3dJ9TY8SgyN9owaTfqWcoH3AJvnlGSWVihc GTBp+zMFCrpdrAKrdJydre5hdji/07j2owWvjuMZPbjQMzQuIihu4MTUPxKudn9X 4JR73c9brxibIBPegIJiY4kdXquXO/yuQ6UNKDJCbszjOytHavCtC/tS2l39vol7 zuujpZROXIx6obfHjGi25E2IlSOHHDua7QP1SlOYXSwIZ6DDWAvGgi9di0FGo/Hu MA6OHY7GeEju63y7A3dFkcmLPUVdDCH5GDXtjKwosVzhdIkrC70=
    =Lr1c
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)