Bugs fixes in "ffmpeg"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2019-11338 | libavcodec/hevcdec.c in FFmpeg 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL | 2020-07-22 |
| CVE | CVE-2018-15822 | The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 4.0.2 does not check for an empty audio packet, leading to an assertion failu | 2020-07-22 |
| CVE | CVE-2020-13904 | FFmpeg 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and late | 2020-07-22 |
| CVE | CVE-2019-17539 | In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no va | 2020-07-22 |
| CVE | CVE-2019-17542 | FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c. | 2020-07-22 |
| CVE | CVE-2019-13390 | In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in libavformat/rawenc.c. | 2020-07-22 |
| CVE | CVE-2019-12730 | aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of u | 2020-07-22 |
| CVE | CVE-2020-13904 | FFmpeg 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and late | 2020-07-22 |
| CVE | CVE-2020-12284 | cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missin | 2020-07-22 |
| CVE | CVE-2019-13312 | block_cmp() in libavcodec/zmbvenc.c in FFmpeg 4.1.3 has a heap-based buffer over-read. | 2020-07-22 |
| CVE | CVE-2018-15822 | The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 4.0.2 does not check for an empty audio packet, leading to an assertion failu | 2019-05-06 |
| CVE | CVE-2019-9721 | A denial of service in the subtitle decoder in FFmpeg 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle | 2019-05-06 |
| CVE | CVE-2019-9718 | In FFmpeg 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_ht | 2019-05-06 |
| Launchpad | 1823786 | [SRU] ffmpeg 3.4.6 for bionic | 2019-05-06 |
| CVE | CVE-2018-15822 | The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 4.0.2 does not check for an empty audio packet, leading to an assertion failu | 2019-05-06 |
| CVE | CVE-2019-9721 | A denial of service in the subtitle decoder in FFmpeg 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle | 2019-05-06 |
| CVE | CVE-2019-9718 | In FFmpeg 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_ht | 2019-05-06 |
| Launchpad | 1823786 | [SRU] ffmpeg 3.4.6 for bionic | 2019-05-06 |
| CVE | CVE-2018-14395 | libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a | 2018-08-23 |
| CVE | CVE-2018-14394 | libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a | 2018-08-23 |
About
-
Send Feedback to @ubuntu_updates
