Lucene search

DebianDEBIAN:DSA-4258-1:33205

HistoryJul 29, 2018 - 9:11 p.m.

[SECURITY] [DSA 4258-1] ffmpeg security update

2018-07-2921:11:14

lists.debian.org

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

7.1

Confidence

High

EPSS

0.002

Percentile

56.2%

JSON

Debian Security Advisory DSA-4258-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
July 29, 2018 https://www.debian.org/security/faq

Package : ffmpeg
CVE ID : CVE-2018-14395

Several vulnerabilities have been discovered in the FFmpeg multimedia
framework, which could result in denial of service or potentially the
execution of arbitrary code if malformed files/streams are processed.

For the stable distribution (stretch), this problem has been fixed in
version 7:3.2.12-1~deb9u1.

We recommend that you upgrade your ffmpeg packages.

For the detailed security status of ffmpeg please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ffmpeg

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian9ppc64ellibswscale4< 7:3.2.12-1~deb9u1libswscale4_7:3.2.12-1~deb9u1_ppc64el.deb
Debian9mipselffmpeg< 7:3.2.12-1~deb9u1ffmpeg_7:3.2.12-1~deb9u1_mipsel.deb
Debian9mipslibavfilter-dev< 7:3.2.12-1~deb9u1libavfilter-dev_7:3.2.12-1~deb9u1_mips.deb
Debian9mipsellibavcodec-dev< 7:3.2.12-1~deb9u1libavcodec-dev_7:3.2.12-1~deb9u1_mipsel.deb
Debian9armellibavcodec-dev< 7:3.2.12-1~deb9u1libavcodec-dev_7:3.2.12-1~deb9u1_armel.deb
Debian9i386libavfilter6< 7:3.2.12-1~deb9u1libavfilter6_7:3.2.12-1~deb9u1_i386.deb
Debian9amd64libavutil55-dbgsym< 7:3.2.12-1~deb9u1libavutil55-dbgsym_7:3.2.12-1~deb9u1_amd64.deb
Debian9i386libswresample2< 7:3.2.12-1~deb9u1libswresample2_7:3.2.12-1~deb9u1_i386.deb
Debian9ppc64ellibpostproc54-dbgsym< 7:3.2.12-1~deb9u1libpostproc54-dbgsym_7:3.2.12-1~deb9u1_ppc64el.deb
Debian9armhflibswresample2< 7:3.2.12-1~deb9u1libswresample2_7:3.2.12-1~deb9u1_armhf.deb

OS	Version	Architecture	Package	Version	Filename
Debian	9	ppc64el	libswscale4	< 7:3.2.12-1~deb9u1	libswscale4_7:3.2.12-1~deb9u1_ppc64el.deb
Debian	9	mipsel	ffmpeg	< 7:3.2.12-1~deb9u1	ffmpeg_7:3.2.12-1~deb9u1_mipsel.deb
Debian	9	mips	libavfilter-dev	< 7:3.2.12-1~deb9u1	libavfilter-dev_7:3.2.12-1~deb9u1_mips.deb
Debian	9	mipsel	libavcodec-dev	< 7:3.2.12-1~deb9u1	libavcodec-dev_7:3.2.12-1~deb9u1_mipsel.deb
Debian	9	armel	libavcodec-dev	< 7:3.2.12-1~deb9u1	libavcodec-dev_7:3.2.12-1~deb9u1_armel.deb
Debian	9	i386	libavfilter6	< 7:3.2.12-1~deb9u1	libavfilter6_7:3.2.12-1~deb9u1_i386.deb
Debian	9	amd64	libavutil55-dbgsym	< 7:3.2.12-1~deb9u1	libavutil55-dbgsym_7:3.2.12-1~deb9u1_amd64.deb
Debian	9	i386	libswresample2	< 7:3.2.12-1~deb9u1	libswresample2_7:3.2.12-1~deb9u1_i386.deb
Debian	9	ppc64el	libpostproc54-dbgsym	< 7:3.2.12-1~deb9u1	libpostproc54-dbgsym_7:3.2.12-1~deb9u1_ppc64el.deb
Debian	9	armhf	libswresample2	< 7:3.2.12-1~deb9u1	libswresample2_7:3.2.12-1~deb9u1_armhf.deb