Univention Bugzilla – Bug 51744
ffmpeg: Multiple issues (4.4)
Last modified: 2020-08-05 15:15:33 CEST
New Debian ffmpeg 7:3.2.15-0+deb9u1 fixes: This update addresses the following issues: * In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in libavformat/rawenc.c. (CVE-2019-13390) * FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c. (CVE-2019-17542) * FFmpeg 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c. (CVE-2020-13904)
--- mirror/ftp/4.4/unmaintained/4.4-1/source/ffmpeg_3.2.14-1~deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-5/source/ffmpeg_3.2.15-0+deb9u1.dsc @@ -1,3 +1,13 @@ +7:3.2.15-0+deb9u1 [Mon, 27 Jul 2020 08:57:14 +0300] Adrian Bunk <bunk@debian.org>: + + * Non-maintainer upload by the LTS team. + * New upstream release, fixes include: + - CVE-2019-13390: rawenc: Only accept the appropriate + stream type for raw muxers + - CVE-2019-17542: heap-based buffer overflow in vqa_decode_chunk + - CVE-2020-13904: use-after-free via a crafted EXTINF duration + in an m3u8 file + 7:3.2.14-1~deb9u1 [Wed, 22 May 2019 00:04:41 +0200] Moritz Mühlenhoff <jmm@debian.org>: * New upstream release(s). <http://10.200.17.11/4.4-5/#5124841720451174521>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-5] ce73d6588d Bug #51744: ffmpeg 7:3.2.15-0+deb9u1 doc/errata/staging/ffmpeg.yaml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x689>