Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2012-6617

Published: 24 December 2013

The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (crash) via vectors related to the rtp format.

Notes

AuthorNote
alexmurray
The Debian chromium source package is called chromium-browser in
Ubuntu
mdeslaur
starting with Ubuntu 19.10, the chromium-browser package is just
a script that installs the Chromium snap
sbeattie
kino uses the system ffmpeg libraries

Priority

Medium

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
impish Not vulnerable
(code not present)
jammy Not vulnerable
(code not present)
bionic Not vulnerable

focal Not vulnerable
(code not present)
groovy Not vulnerable
(code not present)
kinetic Not vulnerable
(code not present)
lunar Not vulnerable
(code not present)
hirsute Not vulnerable
(code not present)
trusty Does not exist

upstream
Released
xenial Not vulnerable

mantic Not vulnerable
(code not present)
ffmpeg
Launchpad, Ubuntu, Debian
impish Not vulnerable

jammy Not vulnerable

xenial Not vulnerable

kinetic Not vulnerable

lunar Not vulnerable

bionic Not vulnerable

focal Not vulnerable

groovy Not vulnerable

hirsute Not vulnerable

trusty Does not exist

upstream Not vulnerable
(debian: Introduced in 0.9 with d77f4afa9814b0433be6fdbfd7d8a113592ba680)
mantic Not vulnerable

Patches:
upstream: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9929991da7b843e7d80154fcacc4e80579b86a2d
gstreamer0.10-ffmpeg
Launchpad, Ubuntu, Debian
impish Does not exist

jammy Does not exist

kinetic Does not exist

lunar Does not exist

bionic Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

trusty Does not exist

upstream Needs triage

xenial Does not exist

mantic Does not exist

kino
Launchpad, Ubuntu, Debian
impish Not vulnerable
(uses system ffmpeg)
bionic Not vulnerable
(uses system ffmpeg)
focal Not vulnerable
(uses system ffmpeg)
groovy Not vulnerable
(uses system ffmpeg)
xenial Not vulnerable
(uses system ffmpeg)
kinetic Does not exist

lunar Does not exist

hirsute Not vulnerable
(uses system ffmpeg)
jammy Not vulnerable
(uses system ffmpeg)
trusty Does not exist

upstream Needs triage

mantic Does not exist

libav
Launchpad, Ubuntu, Debian
impish Does not exist

trusty Needs triage

jammy Does not exist

kinetic Does not exist

lunar Does not exist

bionic Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (6:9.11-1)
xenial Does not exist

mantic Does not exist

oxide-qt
Launchpad, Ubuntu, Debian
impish Does not exist

jammy Does not exist

xenial Needs triage

kinetic Does not exist

lunar Does not exist

bionic Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

trusty Does not exist

upstream Needs triage

mantic Does not exist

mythtv
Launchpad, Ubuntu, Debian
groovy Ignored
(end of life)
kinetic Ignored
(end of life, was needs-triage)
jammy Needs triage

bionic Needs triage

focal Needs triage

hirsute Ignored
(end of life)
impish Ignored
(end of life)
trusty Does not exist

upstream Needs triage

xenial Needs triage

mantic Needs triage

lunar Ignored
(end of life, was needs-triage)
qtwebengine-opensource-src
Launchpad, Ubuntu, Debian
groovy Ignored
(end of life)
kinetic Ignored
(end of life, was needs-triage)
bionic Needs triage

focal Needs triage

hirsute Ignored
(end of life)
impish Ignored
(end of life)
jammy Needs triage

trusty Does not exist

upstream Needs triage

xenial Does not exist

mantic Needs triage

lunar Ignored
(end of life, was needs-triage)
vice
Launchpad, Ubuntu, Debian
groovy Ignored
(end of life)
hirsute Ignored
(end of life)
kinetic Ignored
(end of life, was needs-triage)
jammy Needs triage

xenial Needs triage

bionic Needs triage

focal Needs triage

impish Ignored
(end of life)
trusty Does not exist

upstream Needs triage

mantic Needs triage

lunar Ignored
(end of life, was needs-triage)
gst-libav1.0
Launchpad, Ubuntu, Debian
kinetic Ignored
(end of life, was needs-triage)
jammy Needs triage

xenial Needs triage

bionic Needs triage

focal Needs triage

groovy Ignored
(end of life)
hirsute Ignored
(end of life)
impish Ignored
(end of life)
trusty Does not exist

upstream Needs triage

mantic Needs triage

lunar Ignored
(end of life, was needs-triage)