Mageia 2020-0046: ffmpeg security update

    Date22 Jan 2020
    178
    Posted ByLinuxSecurity Advisories
    Updated ffmpeg packages fix security vulnerabilities: This update provides ffmpeg version 4.1.5, which fixes several bugs, and atleasst the follwing security vulnerabilities:
    MGASA-2020-0046 - Updated ffmpeg packages fix security vulnerabilities
    
    Publication date: 22 Jan 2020
    URL: https://advisories.mageia.org/MGASA-2020-0046.html
    Type: security
    Affected Mageia releases: 7
    CVE: CVE-2019-17539,
         CVE-2019-17542
    
    Updated ffmpeg packages fix security vulnerabilities:
    
    This update provides ffmpeg version 4.1.5, which fixes several bugs, and
    atleasst the follwing security vulnerabilities:
    
    In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL
    pointer dereference and possibly unspecified other impact when there is
    no valid close function pointer (CVE-2019-17539).
    
    FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk
    because of an out-of-array access in vqa_decode_init in libavcodec/
    vqavideo.c (CVE-2019-17542).
    
    References:
    - https://bugs.mageia.org/show_bug.cgi?id=26072
    - https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.1.5
    - http://ffmpeg.org/download.html
    - http://ffmpeg.org/security.html
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17539
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17542
    
    SRPMS:
    - 7/tainted/ffmpeg-4.1.5-1.mga7.tainted
    - 7/core/ffmpeg-4.1.5-1.mga7
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/25-what-do-you-think-of-the-linuxsecurity-privacy-news-articles?task=poll.vote&format=json
    25
    radio
    [{"id":"90","title":"Love them!","votes":"35","type":"x","order":"1","pct":92.11,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"2","type":"x","order":"2","pct":5.26,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"1","type":"x","order":"3","pct":2.63,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.