| Package | ffmpeg |
|---|---|
| Version | 7:4.1.11-0+deb10u3 (buster) |
| Related CVEs | CVE-2024-35366 CVE-2024-35367 CVE-2024-35368 CVE-2024-36616 CVE-2024-36617 CVE-2024-36618 |
Several issues have been found in ffmpeg, a package that contains tools for transcoding, streaming and playing of multimedia files Those issues are related to possible integer overflows, double-free on errors, out-of-bounds access, seeks beyond 64bit and an incomplete check of negative durations.
For Debian 10 buster, these problems have been fixed in version 7:4.1.11-0+deb10u3.
We recommend that you upgrade your ffmpeg packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.