USN-3967-1: FFmpeg vulnerabilities

06 May 2019

FFmpeg could be made to crash if it opened a specially crafted file.

Releases

Packages

  • ffmpeg - Tools for transcoding, streaming and playing of multimedia files

Details

It was discovered that FFmpeg contained multiple security issues when handling
certain multimedia files. If a user were tricked into opening a crafted
multimedia file, an attacker could cause a denial of service via application
crash.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
Ubuntu 18.10
Ubuntu 18.04

In general, a standard system update will make all the necessary changes.

Related notices

  • USN-4431-1: libavcodec-extra58, libavfilter-ffmpeg5, libpostproc55, libpostproc-dev, libavcodec-ffmpeg-extra56, libavfilter-extra7, libswscale-dev, libavfilter-extra, ffmpeg-doc, libavdevice58, libavcodec58, libpostproc54, libav-tools, libavcodec57, libavfilter-extra6, libavcodec-dev, libavcodec-extra, libavutil55, libavresample4, libavresample-dev, libavresample3, libavdevice-dev, libavutil-ffmpeg54, libavformat58, libavutil-dev, libavcodec-extra57, libavfilter6, libavformat-dev, libavfilter7, libswresample-ffmpeg1, libswresample2, libavresample-ffmpeg2, libavformat-ffmpeg56, libswscale-ffmpeg3, libswresample3, libswscale5, libavformat57, libavutil56, libpostproc-ffmpeg53, libavfilter-dev, libavdevice57, libswresample-dev, libavdevice-ffmpeg56, libswscale4, libavcodec-ffmpeg56, ffmpeg