GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Sun Jun 19, 2016 1:26 am Post subject: [ GLSA 201606-09 ] FFmpeg |
|
|
Gentoo Linux Security Advisory
Title: FFmpeg: Multiple vulnerabilities (GLSA 201606-09)
Severity: normal
Exploitable: remote
Date: June 18, 2016
Bug(s): #528554, #553732, #571868, #577458
ID: 201606-09
Synopsis
Multiple vulnerabilities have been found in FFmpeg, the worst of
which could lead to arbitrary code execution or Denial of Service
condition.
Background
FFmpeg is a complete, cross-platform solution to record, convert and
stream audio and video.
Affected Packages
Package: media-video/ffmpeg
Vulnerable: < 2.8.6
Unaffected: >= 2.8.6
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in FFmpeg. Please review
the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code or cause a
Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All FFmpeg users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/ffmpeg-2.8.6"
|
References
CVE-2014-9676
CVE-2016-1897
CVE-2016-1898
CVE-2016-2213
CVE-2016-2326
CVE-2016-2327
CVE-2016-2328
CVE-2016-2329
CVE-2016-2330 |
|