[ubuntu/mantic-security] ffmpeg 7:6.0-6ubuntu1.1 (Accepted)

Allen Huang allen.huang at canonical.com
Thu May 30 12:59:03 UTC 2024


ffmpeg (7:6.0-6ubuntu1.1) mantic-security; urgency=medium

  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-49502.patch: avfilter/bwdif: account for
      chroma sub-sampling in min size calculation
    - CVE-2023-49502
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-49528.patch: avfilter/af_dialoguenhance:
      fix overreads
    - CVE-2023-49528
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-50007.patch: avfilter/af_afwtdn: fix crash
      with EOF handling
    - CVE-2023-50007
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-50008.patch: avfilter/vf_colorcorrect: fix
      memory leaks
    - CVE-2023-50008
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-50009.patch: avfilter/edge_template: Fix
      small inputs with gaussian_blur()
    - CVE-2023-50009
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-50010.patch: avfilter/vf_gradfun: Do not
      overread last line
    - CVE-2023-50010
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-51793.patch: avfilter/vf_weave: Fix odd
      height handling
    - CVE-2023-51793
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-51794.patch: avfilter/af_stereowiden:
      Check length
    - CVE-2023-51794
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-51795-2024-31585.patch:
      avfilter/avf_showspectrum: fix off by 1 error
    - CVE-2023-51795
    - CVE-2024-31585
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-51796.patch: avfilter/f_reverse: Apply PTS
      compensation only when pts is available
    - CVE-2023-51796
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-51798.patch: avfilter/vf_minterpolate:
      Check pts before division
    - CVE-2023-51798
  * SECURITY UPDATE: use after free
    - debian/patches/CVE-2024-31578.patch: avutil/hwcontext: Don't
      assume frames_uninit is reentrant
    - CVE-2024-31578
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2024-31582.patch: avfilter/vf_codecview: fix
      heap buffer overflow
    - CVE-2024-31582

Date: 2024-05-29 15:00:17.448103+00:00
Changed-By: Allen Huang <allen.huang at canonical.com>
https://launchpad.net/ubuntu/+source/ffmpeg/7:6.0-6ubuntu1.1