USN-3967-1: FFmpeg vulnerabilities

06 May 2019

FFmpeg could be made to crash if it opened a specially crafted file.

Releases

Packages

  • ffmpeg - Tools for transcoding, streaming and playing of multimedia files

Details

It was discovered that FFmpeg contained multiple security issues when handling
certain multimedia files. If a user were tricked into opening a crafted
multimedia file, an attacker could cause a denial of service via application
crash.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
Ubuntu 18.10
Ubuntu 18.04

In general, a standard system update will make all the necessary changes.

Related notices

  • USN-4431-1: libavdevice57, libavcodec58, libavfilter-extra6, ffmpeg, libpostproc-ffmpeg53, libswscale5, libavformat58, libswscale4, libpostproc55, libpostproc54, libavcodec-extra58, libavresample3, libavcodec57, libavutil56, libavresample4, libavfilter-extra7, libavresample-ffmpeg2, libswscale-ffmpeg3, libavdevice58, libavutil55, libavformat-ffmpeg56, libswresample2, libswresample-ffmpeg1, libavcodec-extra57, libavfilter7, libavutil-ffmpeg54, libavfilter6, libswresample3, libavcodec-ffmpeg56, libavformat57, libavdevice-ffmpeg56, libavcodec-ffmpeg-extra56, libavfilter-ffmpeg5