Public bug reported: FFmpeg 3.4.5 is a bug-fix release. It is the latest stable FFmpeg release from the 3.4 release branch, which is in Bionic LTS.
https://git.ffmpeg.org/gitweb/ffmpeg.git/blob/n3.4.5:/Changelog version 3.4.5: - avutil/integer: Fix integer overflow in av_mul_i() - avcodec/msrle: Check that the input is large enough to contain a end of picture code - avcodec/jpeg2000dec: Fix off by 1 error in JPEG2000_PGOD_CPRL handling - avcodec/mpeg4videodec: Fix typo in sprite delta check - avcodec/h264_cavlc: Check mb_skip_run - avcodec/ra144: Fix integer overflow in add_wav() - avformat/utils: Never store negative values in last_IP_duration - avformat/utils: Fix integer overflow in discontinuity check - avcodec/unary: Improve get_unary() docs - avcodec/gdv: Replace divisions by shifts in rescale() - avcodec/dvdsubdec: Sanity check len in decode_rle() - avcodec/mpeg4videodec: Fix undefined shift in get_amv() - avcodec/zmbv: Check that the decompressed data size is correct - avcodec/zmbv: Update decomp_len in raw frames - avcodec/shorten: Fix bitstream end check in read_header() - avcodec/dvdsubdec: Avoid branch in decode_run_8bit() - avcodec/h264_refs: Document last if() in ff_h264_execute_ref_pic_marking() - avcodec/ra144: Fix undefined integer overflow in add_wav() - avcodec/indeo4: Check dimensions in decode_pic_hdr() - avformat/mov: Error on too large stsd entry counts. - examples: Fix use of AV_CODEC_FLAG_GLOBAL_HEADER - avcodec/hq_hqa: Check remaining input bits in hqa_decode_mb() - avcodec/vb: Check for end of bytestream before reading blocktype - avcodec/snowdec: Fix integer overflow with motion vector residual - avformat/nsvdec: Do not parse multiple NSVf - avformat/mlvdec: read_string() received unsigned size, make the argument unsigned - avformat/rmdec: Fix EOF check in the stream loop in ivr_read_header() - avcodec/scpr: Check for min > max in decompress_p() - avcodec/shorten: Fix signed 32bit overflow in shift in shorten_decode_frame() - avcodec/shorten: Fix integer overflow in residual/LPC combination - avcodec/shorten: Check verbatim length - avcodec/mpegaudio_parser: Initialize poutbuf* - avcodec/aacpsdsp_template: Fix integer overflow in ps_stereo_interpolate_c() - avformat/flvenc: Check audio packet size - lavc/svq3: Fix regression decoding some files. - avcodec/qtrle: Check remaining bytestream in qtrle_decode_XYbpp() - avcodec/diracdec: Check bytes count in else branch in decode_lowdelay() too - avcodec/diracdec: Check slice numbers for overflows in relation to picture dimensions - avcodec/diracdec: Change frame_number to 64bit as its a 32bit from the bitstream and we also have a -1 special case - avcodec/dirac_dwt_template: Fix several integer overflows in horizontal_compose_daub97i() - avcodec/diracdec: Prevent integer overflow in intermediate in global_mv() - swresample/swresample: Fix input channel count in resample_first computation - avutil/pixfmt: Document chroma plane size for odd resolutions - avcodec/cuviddec: properly take deinterlacing and display delay into account for buffer_full check - configure: add LIBDRM to extralibs_avutil - avcodec/bitstream_filters: check the input argument of av_bsf_get_by_name() for NUL ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: ffmpeg 7:3.4.4-0ubuntu0.18.04.1 ProcVersionSignature: Ubuntu 4.15.0-43.46-generic 4.15.18 Uname: Linux 4.15.0-43-generic x86_64 ApportVersion: 2.20.9-0ubuntu7.5 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Sat Jan 5 01:24:03 2019 InstallationDate: Installed on 2018-11-29 (36 days ago) InstallationMedia: Ubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64 (20180725) SourcePackage: ffmpeg UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: ffmpeg (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug bionic ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-15822 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1810571 Title: Update to ffmpeg 3.4.5 in Bionic To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1810571/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
