FFmpeg security update for Debian

Debian 10350 Published by

Updated FFmpeg packages have been released for Debian GNU/Linux 9 (Stretch) ELTS, 10 (Buster) ELTS, and 11 (Bullseye) LTS:

[DLA 4039-1] ffmpeg security update
ELA-1314-1 ffmpeg security update
ELA-1313-1 ffmpeg security update




[SECURITY] [DLA 4039-1] ffmpeg security update


- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4039-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Thorsten Alteholz
February 01, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : ffmpeg
Version : 7:4.3.8-0+deb11u2
CVE ID : CVE-2024-35367 CVE-2024-35368 CVE-2024-36618

Several issues have been found in ffmpeg, a package that contains tools
for transcoding, streaming and playing of multimedia files
Those issues are related to possible integer overflows, double-free on
errors and out-of-bounds access.

For Debian 11 bullseye, these problems have been fixed in version
7:4.3.8-0+deb11u2.

We recommend that you upgrade your ffmpeg packages.

For the detailed security status of ffmpeg please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ffmpeg

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

(I had to resend this email, so sorry if you are getting this twice)



ELA-1314-1 ffmpeg security update


Package : ffmpeg
Version : 7:3.2.19-0+deb9u6 (stretch)

Related CVEs :
CVE-2024-35366
CVE-2024-35367
CVE-2024-36616
CVE-2024-36617
CVE-2024-36618

Several issues have been found in ffmpeg, a package that contains tools
for transcoding, streaming and playing of multimedia files
Those issues are related to possible integer overflows, double-free on
errors, out-of-bounds access and an incomplete check of negative durations.


ELA-1314-1 ffmpeg security update



ELA-1313-1 ffmpeg security update


Package : ffmpeg
Version : 7:4.1.11-0+deb10u3 (buster)

Related CVEs :
CVE-2024-35366
CVE-2024-35367
CVE-2024-35368
CVE-2024-36616
CVE-2024-36617
CVE-2024-36618

Several issues have been found in ffmpeg, a package that contains tools
for transcoding, streaming and playing of multimedia files
Those issues are related to possible integer overflows, double-free on
errors, out-of-bounds access, seeks beyond 64bit and an incomplete
check of negative durations.


ELA-1313-1 ffmpeg security update


ChromeDriver, Kubelogin, BIND updates for SUSE

Fort Firewall 3.15.10 released

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.org  I ...