Fedora alert FEDORA-2025-48dc56cf48 (ffmpeg)
| From: | updates--- via package-announce <package-announce@lists.fedoraproject.org> | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 41 Update: ffmpeg-7.1.2-1.fc41 | |
| Date: | Fri, 03 Oct 2025 01:17:40 +0000 | |
| Message-ID: | <20251003011740.9537A5E228@bastion01.rdu3.fedoraproject.org> | |
| Archive-link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-48dc56cf48 2025-10-03 01:16:27.010936+00:00 -------------------------------------------------------------------------------- Name : ffmpeg Product : Fedora 41 Version : 7.1.2 Release : 1.fc41 URL : https://ffmpeg.org/ Summary : A complete solution to record, convert and stream audio and video Description : FFmpeg is a leading multimedia framework, able to decode, encode, transcode, mux, demux, stream, filter and play pretty much anything that humans and machines have created. It supports the most obscure ancient formats up to the cutting edge. No matter if they were designed by some standards committee, the community or a corporation. This build of ffmpeg is limited in the number of codecs supported. -------------------------------------------------------------------------------- Update Information: Update to 7.1.2. -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 24 2025 Simone Caronni <negativo17@gmail.com> - 7.1.2-1 - Update to 7.1.2. - Enable VANC processing for SDI. - Explicitly list all implicitly enabled/disabled options. -------------------------------------------------------------------------------- References: [ 1 ] Bug #2346103 - CVE-2025-1373 ffmpeg: FFmpeg MOV Parser mov.c mov_read_trak null pointer dereference [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2346103 [ 2 ] Bug #2346574 - CVE-2025-22919 ffmpeg: FFmpeg AAC File Denial of Service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2346574 [ 3 ] Bug #2346583 - CVE-2025-25473 ffmpeg: NULL Pointer Dereference in FFmpeg [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2346583 [ 4 ] Bug #2346591 - CVE-2025-25469 ffmpeg: Memory Leak in libavutil/iamf.c in FFmpeg [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2346591 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-48dc56cf48' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgr... All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond... List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-ann... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue