Debian Security Advisory
DSA-2494-1 ffmpeg -- several vulnerabilities
- Date Reported:
- 14 Jun 2012
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2011-3951, CVE-2011-3952, CVE-2012-0851, CVE-2012-0852.
- More information:
It was discovered that FFmpeg, Debian's version of the Libav media codec suite, contains vulnerabilities in the DPCM codecs (CVE-2011-3951), H.264 (CVE-2012-0851), ADPCM (CVE-2012-0852), and the KMVC decoder (CVE-2011-3952).
In addition, this update contains bug fixes from the Libav 0.5.9 upstream release.
For the stable distribution (squeeze), these problems have been fixed in version 4:0.5.9-1.
For the unstable distribution (sid), these problems have been fixed in version 6:0.8.3-1.
We recommend that you upgrade your ffmpeg packages.