lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20190816203840.tofpb2dy44al2hzh@seger.debian.org>
Date: Fri, 16 Aug 2019 20:38:40 +0000
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4502-1] ffmpeg security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4502-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 16, 2019                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ffmpeg
CVE ID         : CVE-2019-12730

Several vulnerabilities have been discovered in the FFmpeg multimedia
framework, which could result in denial of service or potentially the
execution of arbitrary code if malformed files/streams are processed.

For the stable distribution (buster), this problem has been fixed in
version 7:4.1.4-1~deb10u1.

We recommend that you upgrade your ffmpeg packages.

For the detailed security status of ffmpeg please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ffmpeg

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl1XE8QACgkQEMKTtsN8
TjY4Kw/9GjbvVYKZzzgmlwmwVxMm9T6hVrQky5tqIlmYINyeosFfctP3TV1h21XQ
YJIL9MGQymaq6Je1VSM4Q32CTELNNHbiDKE1ZeBqMjB3cz8ZDMWtN+rO7UuIo8Mb
RlGTax4voLEeEy27gzzs6P5gjyfE0HP41W0958jphQuBfpO8ptgJDvkta1QRyCXj
IDFWP0CYP5Ko2kEzJ9LRaHVAR4Tdxd6slV6Y9NFuAu4nvDjfsXya1RQcL22be3Lz
dW5LMMP3LiLgsq3SySAH4t1GRt5AmLVaEKJouPUf0JJq9wJO9+SKYlLeiGj2fxoP
s7IWSJCxh0eLKiUsncMoQYbRdi3TdmdbUYr1TBseGXal8cDGIOrMxKvLj3UfyPsC
ocV4uBi/h8mY6n2vQHBlh5LjTrJdMOHvJBgBg6mLoBUYq0MUejAuc3kFXKxj9tk7
6S0dVD84aGFmHCArlzYrY8KNqSdVUcRmTlXQ97Q448pT6M3qMoDkk8GLgbcp9OsP
I9WFrKj/0GP7xgKYi52+ye1coiKf3IjHp/N4M6DEpn/9JQAKfOdOujn+vqlmqzTK
k26lFYzkQk6G8uU8bXBrT7bnjVuIS2FmykjjmfhS6qqeLEe8e3FjtF5J3W0RuJD7
KGND+fiwGnIxNp8Kc4bz25QHy94aTWhM+8UDmL7ygCuND010hME=
=kZit
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ