Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Ubuntu 22.04 LTS: USN-5483-1 Moderate: libxml2 Security Vulnerability

ubuntu
Calendar Grey June 9, 2022
Dist Ubuntu Esm H88
Numerous vulnerabilities in FFmpeg impacting various Ubuntu distributions have been addressed. Ensure your system is updated to maintain its security.
Several security issues were fixed in FFmpeg.

Summary

Several security issues were fixed in FFmpeg.

Software Description:

- ffmpeg: Tools for transcoding, streaming and playing of multimedia files

Details:

It was discovered that FFmpeg would attempt to divide by zero when using Linear

Predictive Coding (LPC) or AAC codecs. An attacker could possibly use this

issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS,

Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-20445, CVE-2020-20446,

CVE-2020-20453)

It was discovered that FFmpeg incorrectly handled certain input. An attacker

could possibly use this issue to cause a denial of service. This issue only

affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2020-20450)

It was discovered that FFmpeg incorrectly handled file conversion to APNG

format. An attacker could possibly use this issue to cause a denial of

service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

(CVE-2020-21041)

It was discovered that FFmpeg incorrectly handled rem...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
  ffmpeg                          7:4.4.2-0ubuntu0.22.04.1
  libavcodec-extra58              7:4.4.2-0ubuntu0.22.04.1
  libavcodec58                    7:4.4.2-0ubuntu0.22.04.1
  libavdevice58                   7:4.4.2-0ubuntu0.22.04.1
  libavfilter-extra7              7:4.4.2-0ubuntu0.22.04.1
  libavfilter7                    7:4.4.2-0ubuntu0.22.04.1
  libavformat-extra58             7:4.4.2-0ubuntu0.22.04.1
  libavformat58                   7:4.4.2-0ubuntu0.22.04.1
  libavutil56                     7:4.4.2-0ubuntu0.22.04.1
  libpostproc55                   7:4.4.2-0ubuntu0.22.04.1
  libswresample3                  7:4.4.2-0ubuntu0.22.04.1
  libswscale5                     7:4.4.2-0ubuntu0.22.04.1

Ubuntu 21.10:
  ffmpeg                          7:4.4.2-0ubuntu0.21.10.1
  libavcodec-extra58              7:4.4.2-0ubuntu0.21.10.1
  libavcodec58                    7:4.4.2-0ubuntu0.21.10.1
  libavdevice58                   7:4.4.2-0ubuntu0.21.10.1
  libavfilter-extra7              7:4.4.2-0ubuntu0.21.10.1
  libavfilter7                    7:4.4.2-0ubuntu0.21.10.1
  libavformat-extra58             7:4.4.2-0ubuntu0.21.10.1
  libavformat58                   7:4.4.2-0ubuntu0.21.10.1
  libavutil56                     7:4.4.2-0ubuntu0.21.10.1
  libpostproc55                   7:4.4.2-0ubuntu0.21.10.1
  libswresample3                  7:4.4.2-0ubuntu0.21.10.1
  libswscale5                     7:4.4.2-0ubuntu0.21.10.1

Ubuntu 20.04 LTS:
  ffmpeg                          7:4.2.7-0ubuntu0.1
  libavcodec-extra58              7:4.2.7-0ubuntu0.1
  libavcodec58                    7:4.2.7-0ubuntu0.1
  libavdevice58                   7:4.2.7-0ubuntu0.1
  libavfilter-extra7              7:4.2.7-0ubuntu0.1
  libavfilter7                    7:4.2.7-0ubuntu0.1
  libavformat58                   7:4.2.7-0ubuntu0.1
  libavresample4                  7:4.2.7-0ubuntu0.1
  libavutil56                     7:4.2.7-0ubuntu0.1
  libpostproc55                   7:4.2.7-0ubuntu0.1
  libswresample3                  7:4.2.7-0ubuntu0.1
  libswscale5                     7:4.2.7-0ubuntu0.1

Ubuntu 18.04 LTS:
  ffmpeg                          7:3.4.11-0ubuntu0.1
  libavcodec-extra57              7:3.4.11-0ubuntu0.1
  libavcodec57                    7:3.4.11-0ubuntu0.1
  libavdevice57                   7:3.4.11-0ubuntu0.1
  libavfilter-extra6              7:3.4.11-0ubuntu0.1
  libavfilter6                    7:3.4.11-0ubuntu0.1
  libavformat57                   7:3.4.11-0ubuntu0.1
  libavresample3                  7:3.4.11-0ubuntu0.1
  libavutil55                     7:3.4.11-0ubuntu0.1
  libpostproc54                   7:3.4.11-0ubuntu0.1
  libswresample2                  7:3.4.11-0ubuntu0.1
  libswscale4                     7:3.4.11-0ubuntu0.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References

https://ubuntu.com/security/notices/USN-5472-1

CVE-2020-20445, CVE-2020-20446, CVE-2020-20450, CVE-2020-20453,

CVE-2020-21041, CVE-2020-21688, CVE-2020-21697, CVE-2020-22015,

CVE-2020-22016, CVE-2020-22017, CVE-2020-22019, CVE-2020-22020,

CVE-2020-22021, CVE-2020-22022, CVE-2020-22023, CVE-2020-22025,

CVE-2020-22026, CVE-2020-22027, CVE-2020-22028, CVE-2020-22029,

CVE-2020-22030, CVE-2020-22031, CVE-2020-22032, CVE-2020-22033,

CVE-2020-22034, CVE-2020-22035, CVE-2020-22036, CVE-2020-22037,

CVE-2020-22042, CVE-2020-35965, CVE-2021-38114, CVE-2021-38171,

CVE-2021-38291, CVE-2022-1475

June 08, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.