Debian Long Term Support / LTS Security Information / 2014 / Security Information -- DLA-83-1 ffmpeg

Debian Security Advisory

DLA-83-1 ffmpeg -- LTS security update

Date Reported:

07 Nov 2014

Affected Packages:

ffmpeg

Vulnerable:

Yes

Security database references:

No other external database security references currently available.

More information:

This update to ffmpeg disables support for over 100 codecs, decoders, and formats that are rarely used nowadays, for which the support available in squeeze is most likely insufficient, etc.

This update is only meant to reduce the attack surface.

ffmpeg is otherwise unsupported in squeeze-lts, and any use of it with untrusted data is highly discouraged.

For Debian 6 Squeeze, these issues have been fixed in ffmpeg version 4:0.5.10-1+deb6u1