Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 635
Alerts This Week
Warning Icon 1 635

Mageia 6: MGASA-2019-0223 Critical: Mythtv Assertion Failure

mageia
Calendar Grey August 18, 2019
Dist Mageia Esm H88
Enhancements for Kodi and VLC resolve significant vulnerabilities in Fedora, strengthening overall system security.
This update provides and update to mythtv 30, and updates the bundled ffmpeg to 3.2

Summary

This update provides and update to mythtv 30, and updates the bundled ffmpeg to 3.2. It also fixes atleast the following issue:
The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 4.0.2 does not check for an empty audio packet, leading to an assertion failure (CVE-2018-15822).
It also fixes mythbackend missing needed environment variables (mga#24104).
For other changes/fixes in this update, see the referenced Release Notes.

References

- https://bugs.mageia.org/show_bug.cgi?id=24099

- https://bugs.mageia.org/show_bug.cgi?id=24104

-

-

- https://www.cve.org/CVERecord?id=CVE-2018-15822

Resolution

SRPMS

- 6/core/mythtv-30.0-20190121.1.mga6

- 6/core/mythtv-mythweb-30.0-1.mga6

- 6/core/hdhomerun-20180817-1.mga6

- 6/tainted/mythtv-30.0-20190121.1.mga6.tainted

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 18 Aug 2019
URL: https://advisories.mageia.org/MGASA-2019-0223.html
Type: security
CVE: CVE-2018-15822

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.