Linux Security
    Linux Security
    Linux Security

    Debian LTS: DLA-2291-1: ffmpeg security update

    Date
    206
    Posted By
    Several vulnerabilities have been fixed by upgrading FFmpeg, a widely used multimedia framework, from 3.2.14 to 3.2.15. CVE-2019-13390
    -------------------------------------------------------------------------
    Debian LTS Advisory DLA-2291-1                This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/lts/security/                                     
    July 27, 2020                                 https://wiki.debian.org/LTS
    -------------------------------------------------------------------------
    
    Package        : ffmpeg
    Version        : 7:3.2.15-0+deb9u1
    CVE ID         : CVE-2019-13390 CVE-2019-17542 CVE-2020-13904
    Debian Bug     : 
    
    Several vulnerabilities have been fixed by upgrading FFmpeg,
    a widely used multimedia framework, from 3.2.14 to 3.2.15.
    
    CVE-2019-13390
    
        rawenc: Only accept the appropriate stream type for raw muxers.
    
    CVE-2019-17542
    
        Heap-based buffer overflow in vqa_decode_chunk.
    
    CVE-2020-13904
    
        Use-after-free via a crafted EXTINF duration in an m3u8 file.
    
    For Debian 9 stretch, these problems have been fixed in version
    7:3.2.15-0+deb9u1.
    
    Several other bugs are also fixed in 3.2.15,
    a full list of changes is available at
    https://git.ffmpeg.org/gitweb/ffmpeg.git/blob/37a8ad9a3167923d500910031a8086489c004d83:/Changelog
    
    We recommend that you upgrade your ffmpeg packages.
    
    For the detailed security status of ffmpeg please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/ffmpeg
    
    Further information about Debian LTS security advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://wiki.debian.org/LTS
    

    Advisories

    LinuxSecurity Poll

    Which aspect of server security are you most interested in learning more about?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/38-which-aspect-of-server-security-are-you-most-interested-in-learning-more-about?task=poll.vote&format=json
    38
    radio
    [{"id":"131","title":"Preventing information leakage","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"132","title":"Firewall considerations","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"133","title":"Permissions ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.