USN-3967-1: FFmpeg vulnerabilities
6 May 2019
FFmpeg could be made to crash if it opened a specially crafted file.
Releases
Packages
- ffmpeg - Tools for transcoding, streaming and playing of multimedia files
Details
It was discovered that FFmpeg contained multiple security issues when handling
certain multimedia files. If a user were tricked into opening a crafted
multimedia file, an attacker could cause a denial of service via application
crash.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.04
-
ffmpeg
-
7:4.1.3-0ubuntu1
-
libavcodec-extra58
-
7:4.1.3-0ubuntu1
-
libavcodec58
-
7:4.1.3-0ubuntu1
-
libavdevice58
-
7:4.1.3-0ubuntu1
-
libavfilter-extra7
-
7:4.1.3-0ubuntu1
-
libavfilter7
-
7:4.1.3-0ubuntu1
-
libavformat58
-
7:4.1.3-0ubuntu1
-
libavresample4
-
7:4.1.3-0ubuntu1
-
libavutil56
-
7:4.1.3-0ubuntu1
-
libpostproc55
-
7:4.1.3-0ubuntu1
-
libswresample3
-
7:4.1.3-0ubuntu1
-
libswscale5
-
7:4.1.3-0ubuntu1
Ubuntu 18.10
-
ffmpeg
-
7:4.0.4-0ubuntu1
-
libavcodec-extra58
-
7:4.0.4-0ubuntu1
-
libavcodec58
-
7:4.0.4-0ubuntu1
-
libavdevice58
-
7:4.0.4-0ubuntu1
-
libavfilter-extra7
-
7:4.0.4-0ubuntu1
-
libavfilter7
-
7:4.0.4-0ubuntu1
-
libavformat58
-
7:4.0.4-0ubuntu1
-
libavresample4
-
7:4.0.4-0ubuntu1
-
libavutil56
-
7:4.0.4-0ubuntu1
-
libpostproc55
-
7:4.0.4-0ubuntu1
-
libswresample3
-
7:4.0.4-0ubuntu1
-
libswscale5
-
7:4.0.4-0ubuntu1
Ubuntu 18.04
-
ffmpeg
-
7:3.4.6-0ubuntu0.18.04.1
-
libavcodec-extra57
-
7:3.4.6-0ubuntu0.18.04.1
-
libavcodec57
-
7:3.4.6-0ubuntu0.18.04.1
-
libavdevice57
-
7:3.4.6-0ubuntu0.18.04.1
-
libavfilter-extra6
-
7:3.4.6-0ubuntu0.18.04.1
-
libavfilter6
-
7:3.4.6-0ubuntu0.18.04.1
-
libavformat57
-
7:3.4.6-0ubuntu0.18.04.1
-
libavresample3
-
7:3.4.6-0ubuntu0.18.04.1
-
libavutil55
-
7:3.4.6-0ubuntu0.18.04.1
-
libpostproc54
-
7:3.4.6-0ubuntu0.18.04.1
-
libswresample2
-
7:3.4.6-0ubuntu0.18.04.1
-
libswscale4
-
7:3.4.6-0ubuntu0.18.04.1
In general, a standard system update will make all the necessary changes.