USN-3967-1: FFmpeg vulnerabilities

06 May 2019

FFmpeg could be made to crash if it opened a specially crafted file.

Releases

Packages

  • ffmpeg - Tools for transcoding, streaming and playing of multimedia files

Details

It was discovered that FFmpeg contained multiple security issues when handling
certain multimedia files. If a user were tricked into opening a crafted
multimedia file, an attacker could cause a denial of service via application
crash.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
Ubuntu 18.10
Ubuntu 18.04

In general, a standard system update will make all the necessary changes.

Related notices

  • USN-4431-1: libavdevice57, libswscale-ffmpeg3, libavcodec-ffmpeg-extra56, libpostproc55, libswscale5, libavdevice-ffmpeg56, libswresample-ffmpeg1, libavcodec57, libpostproc54, libavutil55, libavresample-ffmpeg2, libavformat57, libavcodec-extra57, libswresample2, libavutil56, libswresample3, libavdevice58, libavutil-ffmpeg54, libavresample3, libavcodec-extra58, libpostproc-ffmpeg53, libavformat-ffmpeg56, libavfilter-ffmpeg5, libavresample4, libavcodec58, ffmpeg, libavfilter-extra7, libavcodec-ffmpeg56, libavfilter6, libswscale4, libavformat58, libavfilter7, libavfilter-extra6