Slackware Local Security Checks : Slackware: Security Advisory (SSA:2024-235-01)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.13.2024.235.01

Categoría: Slackware Local Security Checks

Título: Slackware: Security Advisory (SSA:2024-235-01)

Resumen: The remote host is missing an update for the 'ffmpeg' package(s) announced via the SSA:2024-235-01 advisory.

Descripción: Summary:
The remote host is missing an update for the 'ffmpeg' package(s) announced via the SSA:2024-235-01 advisory.

Vulnerability Insight:
New ffmpeg packages are available for Slackware 15.0 to fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/ffmpeg-4.4.5-i586-1_slack15.0.txz: Upgraded.
This update addresses several vulnerabilities in FFmpeg which could result
in denial of service, or potentially the execution of arbitrary code if
malformed files/streams are processed.
Thanks to pbslxw for the heads-up.
For more information, see:
[links moved to references]
(* Security fix *)
+--------------------------+

Affected Software/OS:
'ffmpeg' package(s) on Slackware 15.0.

Solution:
Please install the updated package(s).

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2022-1475
https://security.gentoo.org/glsa/202312-14
https://bugzilla.redhat.com/show_bug.cgi?id=2076764
https://trac.ffmpeg.org/ticket/9651
Common Vulnerability Exposure (CVE) ID: CVE-2022-3109
Debian Security Information: DSA-5394 (Google Search)
https://www.debian.org/security/2023/dsa-5394
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOMB6WRUC55VWV25IKJTV22KARBUGWGQ/
https://bugzilla.redhat.com/show_bug.cgi?id=2153551
https://github.com/FFmpeg/FFmpeg/commit/656cb0450aeb73b25d7d26980af342b37ac4c568
https://lists.debian.org/debian-lts-announce/2023/06/msg00016.html
Common Vulnerability Exposure (CVE) ID: CVE-2022-3341
https://bugzilla.redhat.com/show_bug.cgi?id=2157054
https://github.com/FFmpeg/FFmpeg/commit/9cf652cef49d74afe3d454f27d49eb1a1394951e
Common Vulnerability Exposure (CVE) ID: CVE-2022-3964
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/92f9b28ed84a77138105475beba16c146bdaf984
https://vuldb.com/?id.213543
Common Vulnerability Exposure (CVE) ID: CVE-2022-48434
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PQHNSWXFUN3VJ3AO2AEJUK3BURSGM5G2/
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/cc867f2c09d2b69cee8a0eccd62aff002cbbfe11
https://news.ycombinator.com/item?id=35356201
https://wrv.github.io/h26forge.pdf
Common Vulnerability Exposure (CVE) ID: CVE-2023-47342
Common Vulnerability Exposure (CVE) ID: CVE-2024-7055

Copyright Copyright (C) 2024 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.13.2024.235.01
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2024-235-01)
Resumen:	The remote host is missing an update for the 'ffmpeg' package(s) announced via the SSA:2024-235-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ffmpeg' package(s) announced via the SSA:2024-235-01 advisory. Vulnerability Insight: New ffmpeg packages are available for Slackware 15.0 to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/ffmpeg-4.4.5-i586-1_slack15.0.txz: Upgraded. This update addresses several vulnerabilities in FFmpeg which could result in denial of service, or potentially the execution of arbitrary code if malformed files/streams are processed. Thanks to pbslxw for the heads-up. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'ffmpeg' package(s) on Slackware 15.0. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-1475 https://security.gentoo.org/glsa/202312-14 https://bugzilla.redhat.com/show_bug.cgi?id=2076764 https://trac.ffmpeg.org/ticket/9651 Common Vulnerability Exposure (CVE) ID: CVE-2022-3109 Debian Security Information: DSA-5394 (Google Search) https://www.debian.org/security/2023/dsa-5394 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOMB6WRUC55VWV25IKJTV22KARBUGWGQ/ https://bugzilla.redhat.com/show_bug.cgi?id=2153551 https://github.com/FFmpeg/FFmpeg/commit/656cb0450aeb73b25d7d26980af342b37ac4c568 https://lists.debian.org/debian-lts-announce/2023/06/msg00016.html Common Vulnerability Exposure (CVE) ID: CVE-2022-3341 https://bugzilla.redhat.com/show_bug.cgi?id=2157054 https://github.com/FFmpeg/FFmpeg/commit/9cf652cef49d74afe3d454f27d49eb1a1394951e Common Vulnerability Exposure (CVE) ID: CVE-2022-3964 https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/92f9b28ed84a77138105475beba16c146bdaf984 https://vuldb.com/?id.213543 Common Vulnerability Exposure (CVE) ID: CVE-2022-48434 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PQHNSWXFUN3VJ3AO2AEJUK3BURSGM5G2/ https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/cc867f2c09d2b69cee8a0eccd62aff002cbbfe11 https://news.ycombinator.com/item?id=35356201 https://wrv.github.io/h26forge.pdf Common Vulnerability Exposure (CVE) ID: CVE-2023-47342 Common Vulnerability Exposure (CVE) ID: CVE-2024-7055
Copyright	Copyright (C) 2024 Greenbone AG