Accepted ffmpeg 7:3.2.16-1+deb9u1 (source) into oldoldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 12 Nov 2021 19:27:15 +0100
Source: ffmpeg
Architecture: source
Version: 7:3.2.16-1+deb9u1
Distribution: stretch-security
Urgency: medium
Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>
Changed-By: Anton Gladky <gladk@debian.org>
Changes:
ffmpeg (7:3.2.16-1+deb9u1) stretch-security; urgency=medium
.
* Non-maintainer upload by the LTS Security Team.
* [23aefd3] New upstream version 3.2.16. Following CVEs are fixed:
CVE-2021-38291 - assertion failure at src/libavutil/mathematics.c
CVE-2020-22054 - A Denial of Service vulnerability due to a memory
leak in the av_dict_set function in dict.c.
CVE-2020-22049 - A Denial of Service vulnerability due to a memory
leak in the wtvfile_open_sector function in wtvdec.c.
CVE-2020-22037 - A Denial of Service vulnerability due to a memory
leak in avcodec_alloc_context3 at options.c
CVE-2020-20453 - Divide By Zero issue via libavcodec/aaccoder, which
allows a remote malicious user to cause a Denial of
Service.
CVE-2020-20446 - Divide By Zero issue via libavcodec/aacpsy.c, which
allows a remote malicious user to cause a Denial of
Service.
CVE-2020-20445 - Divide By Zero issue via libavcodec/lpc.h, which
allows a remote malicious user to cause a Denial of
Service.
* [00f277b] CVE-2020-22048 - A Denial of Service vulnerability due to a
memory leak in the ff_frame_pool_get function in
framepool.c.
* [07e4324] CVE-2020-22046 - A Denial of Service vulnerability due to a
memory leak in the avpriv_float_dsp_allocl function
in libavutil/float_dsp.c.
* [9f66aa6] CVE-2020-22044 - A Denial of Service vulnerability due to a
memory leak in the url_open_dyn_buf_internal function
in libavformat/aviobuf.c.
* [93dcb1b] CVE-2020-22041 - A Denial of Service vulnerability due to a
memory leak in the av_buffersrc_add_frame_flags function
in buffersrc.
* [c8769d4] CVE-2020-20451 - Denial of Service issue due to resource
management errors via fftools/cmdutils.c.
Checksums-Sha1:
de81a7bed1edce57aa102c2914e1092ac4441412 4914 ffmpeg_3.2.16-1+deb9u1.dsc
e087af8bdfc752f139f106ca5305b61a1b16fa7f 8074212 ffmpeg_3.2.16.orig.tar.xz
d5598a0867c5ef9c1b3d9459d3eb41e1031bcd5a 47228 ffmpeg_3.2.16-1+deb9u1.debian.tar.xz
0eb696b1aa342de6019d122b15b32cea68bcd46d 11093 ffmpeg_3.2.16-1+deb9u1_source.buildinfo
Checksums-Sha256:
26af67cada648f4ef9b982a6e5f66ae23a57de47c80a2d53ae3f0b57a5871472 4914 ffmpeg_3.2.16-1+deb9u1.dsc
9b5ce1a4fc1110c1e69e8840fb5911ec9530bd8b20c6984ab2ca23bf2cf882be 8074212 ffmpeg_3.2.16.orig.tar.xz
5e5c4e2b700069d76aafb8dd103406ae99820750d0399fbc586ba87f5c0c63b2 47228 ffmpeg_3.2.16-1+deb9u1.debian.tar.xz
913454e4d9d82db5da4d3628ac5a73a09906c51582dae641bf5b1670c6b48b59 11093 ffmpeg_3.2.16-1+deb9u1_source.buildinfo
Files:
2ea4c3295339a498e4cd0e541c81bfb6 4914 video optional ffmpeg_3.2.16-1+deb9u1.dsc
3379bd66c9a1a7cc9342d09aeba17557 8074212 video optional ffmpeg_3.2.16.orig.tar.xz
c9b50f850a3092909393deaefd78bd83 47228 video optional ffmpeg_3.2.16-1+deb9u1.debian.tar.xz
6ca14ba6e543c56eb57822f0873e365a 11093 video optional ffmpeg_3.2.16-1+deb9u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEu71F6oGKuG/2fnKF0+Fzg8+n/wYFAmGQEb4ACgkQ0+Fzg8+n
/wYinw//fB7LPz7RYr2dVbvwoEdM4+b8np2L70qkczZXjXvMCu6S5EvJNDMXcwpL
xGVDhl5Gc7atxbgKzRJVmL4qI5PS8qX5sinCCbU4XjxICKYpzxSiTFz5qGRUv+Af
MfpudQhkEHJutqa+Aa3hyt5US4wReMotHun0LLkPUAGnPrCJsxPhQ9RNISsHS97v
0w64y6/7xHcgTNeTSwNtIncWsCaSM/iw1HtQi3IFQlHiB8erEZ+7HJDT/hxD9CM9
ql/h2DzzJw2AW5dC6Hsx5FEu4zqi8l4LDOWbop15sXTBoFVFDsRHBKPQqzCL4dHu
dNr9KSHCh3Rn6KcPoVJ1R+H5uL6FcTrL120wYe8m6r+uuXeJpo1RiHX1fMCKi5VP
N+wiGjnb7rq8BofJpUMA3ya7YKNHFQ7liSqpwwHjtNt9HqkO7AQrujHE1eC1E+1O
TWkxymjBW1YmLPuc7lsVc6c0hdG3FG62F3wL65YNtV73wrApw6qTQfNDpoIOe1RA
0zxN++JLj7KQcYZtkL01svrVNvVv2sZLBfeFNyunkEJfVfrVkItZN9OlFIuZnoib
uhaUIOIY5mtzBKG1UK9JlYVm3U9BPbvWHc/xofoIDRccTOopn96/IBjCaZflH7P8
G3m2PHiNSSFq9dlYA6fF838H/2IRH2hQD3K3LqiZsxEHz42Cl5w=
=mk4G
-----END PGP SIGNATURE-----
Reply to: