Updated ffmpeg packages fix security vulnerabilities: This update provides ffmpeg version 4.1.5, which fixes several bugs, and atleasst the follwing security vulnerabilities: In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer (CVE-2019-17539). FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/ vqavideo.c (CVE-2019-17542).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 7 | noarch | ffmpeg | <Â 4.1.5-1 | ffmpeg-4.1.5-1.mga7 |
Mageia | 7 | noarch | ffmpeg | <Â 4.1.5-1 | ffmpeg-4.1.5-1.mga7.tainted |