[SECURITY] [DLA 4039-1] ffmpeg security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4039-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Thorsten Alteholz
February 01, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : ffmpeg
Version : 7:4.3.8-0+deb11u2
CVE ID : CVE-2024-35367 CVE-2024-35368 CVE-2024-36618
Several issues have been found in ffmpeg, a package that contains tools
for transcoding, streaming and playing of multimedia files
Those issues are related to possible integer overflows, double-free on
errors and out-of-bounds access.
For Debian 11 bullseye, these problems have been fixed in version
7:4.3.8-0+deb11u2.
We recommend that you upgrade your ffmpeg packages.
For the detailed security status of ffmpeg please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ffmpeg
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
(I had to resend this email, so sorry if you are getting this twice)
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmeeUlxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEciCxAAqTN2l9MlxfBcrCRN2EiC/A+XVSUYwfysaa6oD6owsVFqU8RemXDD4uJe
ZwcOriRMojsR0dcwFpbCDVJvOX5jGF4tcJ53gaizEc6fc6IWL3TSol5LgDvoDz2y
HwcZUytF0FQLmUImDnYXuSubYUCuZiln5RbEJKrpoxqdVYFepg1kwFbE4IJi6S1Z
fxKR4SLN0xS/YwIVvdD5XhPKXAYsFTNL4JHXaOyZs3aiWU+SYkcPH9bKZs6sGY51
jzGabtmnj30NwaAsua9y0gUaKtdUjGxmBS8vMcYDNQZrl9NV4/T4Nh3j/tar2DvS
nzTSflNlddDb1apazWwlM5gsBpmkvswOthPQ2JBTxDOsXvkYfnDJwE4sqf69QANX
PmxHS3YkxyUt9YSsExe8oCyubcpr6pKHL6kZ4VJTbDRzlX/1vd9STTQCq+qNEAd2
M2Ho7IopdpjWObnJrvr6Yg6u8CN8xxaSdbpnXZahy15gOJoBGKDeOcUqSJ2BsZtB
U8oynTNWQo3RnCLKstCYtgryUeYDDePBYVV25mls+IaVDvz+Or+8NyDsLafsE4io
004k/UbaQpZ6KoW29dZlDXbwCd6UH32u2sDx2iaRWhRNtNnko7ZsbgQ2XCyeQg8b
qYPkxc6P9ZLebWSxYddWRWwBhSOH0MuZqIDUrx7iyjE5mdx8Yho=
=ZRW7
-----END PGP SIGNATURE-----
Reply to: