-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4049-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 27, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ffmpeg CVE ID : CVE-2017-15186 CVE-2017-15672 CVE-2017-16840 Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed. For the stable distribution (stretch), these problems have been fixed in version 7:3.2.9-1~deb9u1. We recommend that you upgrade your ffmpeg packages. For the detailed security status of ffmpeg please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ffmpeg Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAloch7cACgkQEMKTtsN8 TjZ79g//U8aBfeqDSI0qxYLd6WLnm3GIDLJCKN31ebrfR5r+b34VHN+KISEQY2ML bZvSp/fmCwSwnpzGuPKQ++d539Ir7/GR28hThqJz0+ElhOjMcMPefH04AKSc76l7 0stKF3vQt42oyxve21zH7vz3QZRlGcneZZxZOWeypJOpi2T5IFnbZnaelfopEkee yyCGBLIq9aXKO6/r0IXye1HrU+8Iz4I8rUV7/LoEcbTNTMNgvRiLTT7UuhZqvVBC qKk1aJQu94f8A7/ibFPX/RCqZurKzqBTbfB15YWq8DMfCgH3qgXiL65BXZ3HFqXX kb5vcDCPpHujS7SCtPjYkRjGIWLQW8JuZeWhon3JD0qDFC0mnwVxs1cS+Xkqa/Ax CbWjMEp8VnJcipxzaC5bxpzO6qVanKwWy337hG/gjD78y8A6kqLQ+Fj6E7/LF2yn /idOpU+AnGZHT5J/7n4O4WaEtWXVg89u93FM3de/FrTe7T+EvYF7lrUs1UMu9rbT +gG07m9vhSQtpVk/p3ZYUk+/kY8nOUuuC4SLfkc2yqDA9d5gZTgKR2tz35XJGKvV jGdOUsO+GmOVUjWedZ4b4zmRL0qAnwhFSj09Cn0ErUdrf/my5Tc0DBcwOfLlecX1 wQYvuh45vREZzWGAmPAKVEA903t09CwVjTilUWVE6CmjmfSaeTE= =zUcN -----END PGP SIGNATURE-----