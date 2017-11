-----BEGIN PGP SIGNED MESSAGE-----

Debian Security Advisory DSA-4049-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 27, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------



Package : ffmpeg

CVE ID : CVE-2017-15186 CVE-2017-15672 CVE-2017-16840



Several vulnerabilities have been discovered in the FFmpeg multimedia

framework, which could result in denial of service or potentially the

execution of arbitrary code if malformed files/streams are processed.



For the stable distribution (stretch), these problems have been fixed in

version 7:3.2.9-1~deb9u1.



We recommend that you upgrade your ffmpeg packages.



For the detailed security status of ffmpeg please refer to

its security tracker page at:

https://security-tracker.debian.org/tracker/ffmpeg



Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/



Mailing list: debian-security-announce@lists.debian.org

