USN-3967-1: FFmpeg vulnerabilities

06 May 2019

FFmpeg could be made to crash if it opened a specially crafted file.

Releases

Packages

  • ffmpeg - Tools for transcoding, streaming and playing of multimedia files

Details

It was discovered that FFmpeg contained multiple security issues when handling
certain multimedia files. If a user were tricked into opening a crafted
multimedia file, an attacker could cause a denial of service via application
crash.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
Ubuntu 18.10
Ubuntu 18.04

In general, a standard system update will make all the necessary changes.

Related notices

  • USN-4431-1: libavformat58, libswscale5, libavdevice58, libavcodec58, libavdevice57, libavdevice-ffmpeg56, libavresample-ffmpeg2, libavresample4, libpostproc55, libswscale4, libswresample2, libavfilter-ffmpeg5, libavresample3, libswresample3, ffmpeg, libavfilter7, libswresample-ffmpeg1, libpostproc54, libavcodec-extra57, libavcodec-ffmpeg56, libavfilter-extra6, libavutil-ffmpeg54, libavcodec57, libavutil55, libavcodec-ffmpeg-extra56, libavfilter-extra7, libavutil56, libavcodec-extra58, libpostproc-ffmpeg53, libavformat-ffmpeg56, libswscale-ffmpeg3, libavformat57, libavfilter6