Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted ffmpeg 7:4.3.9-0+deb11u1 (source) into oldstable-security
Date: Mon, 14 Jul 2025 10:30:22 +0000
Signed by: Adrian Bunk <bunk@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 14 Jul 2025 11:08:05 +0300
Source: ffmpeg
Architecture: source
Version: 7:4.3.9-0+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Changed-By: Adrian Bunk <bunk@debian.org>
Changes:
 ffmpeg (7:4.3.9-0+deb11u1) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * New upstream release.
     - CVE-2023-6601: Triggering arbitrary demuxers via base64 data URIs
     - CVE-2023-6602: Improper parsing of input files in HLS playlists
     - CVE-2023-6604: Demuxing of arbitrary data as XBIN-formatted data
     - CVE-2023-6605: Arbitrary HTTP GET requests via crafted DASH playlist
Checksums-Sha1:
 8c063ccce953141e7f3c568c3676b565622ff803 5439 ffmpeg_4.3.9-0+deb11u1.dsc
 8456e0f451e3e07e5897061178a5bbe37e5960fb 9410664 ffmpeg_4.3.9.orig.tar.xz
 c1f5bd0835a2c54d1e728ad5e83c4390dbede500 520 ffmpeg_4.3.9.orig.tar.xz.asc
 239f2f1646ad25c5c9c3aedf5f369f6056230a40 91724 ffmpeg_4.3.9-0+deb11u1.debian.tar.xz
Checksums-Sha256:
 76a3cfe49a6232667b8aeff8bff1563391cf36af331c290fd6b8dea4abfdb6f1 5439 ffmpeg_4.3.9-0+deb11u1.dsc
 9e2a718f3956fa87a7dbc73e647d74171bf23b8964b6478d868b9aa623d03374 9410664 ffmpeg_4.3.9.orig.tar.xz
 df377d228c09b8474c4fdf07a615c040b7c71a0c39119a00d5d68dadf7838ed5 520 ffmpeg_4.3.9.orig.tar.xz.asc
 ea6e766c0627880c37033783362ef07d13840c922b6d307c577fd15573a46777 91724 ffmpeg_4.3.9-0+deb11u1.debian.tar.xz
Files:
 c7346d04795756533f0fff993f2f969f 5439 video optional ffmpeg_4.3.9-0+deb11u1.dsc
 66228b6dc6620d047ac48c9d685bb826 9410664 video optional ffmpeg_4.3.9.orig.tar.xz
 2490def9252bc9a650765dfb7ff585e7 520 video optional ffmpeg_4.3.9.orig.tar.xz.asc
 96a106fbc46cb94f9d2e0fd1158efa61 91724 video optional ffmpeg_4.3.9-0+deb11u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmh02QUACgkQiNJCh6LY
mLGPAg//aFg8AaOxZg9o+ZVahvR3BKsJtNrh9EmphVVdkyYKiFWqaLVHjvshD6Nb
EDBKxKdiutzxun/m5/MLyVUyTh6+R9esRgWcCmmNQc2azRk2l3ub+WHbB3pdhOQG
BhMLkE5XA87LMwStHCb6Tn39FIZuysHvxeh5+cNCeinuUGkr2XGyckf80fMbLs6o
purRsPkdDrgaX156krfJ8U9FTIotPB27yJnTkEQ/3WeubpLm6qbmcUGfe74I+rbJ
qXH8O/xE42aH/6hCgw8bB/F+2OYlvc3VCPINzVTURcf/0oBAG8jDoQS55a7CDVlN
4hRkmxYKiFwKb/Ke1mVE6r7Al5oqG49O0czlUjjhoz/QV6fYeR1U3OoM5pbwaTsi
+/vc4QHppFwsfJZGIHoV+xuxWxmbfIeQzjjZf4C9E7B8Gv8Pm2Vle8mglna6yEZM
pL1cKH7MJHLsZX3FOYlbhXkMI9ESP7jlUOUZJJw08hEdgSEjF50ng69zFop2HWyZ
qOjPE6EGbXSzwlaeVepNgsDy2yHFl/lTPMDJlgx4qyz6SHOqufQaIsJW38SPIjd2
x1jJ/fK/FWS0vE4OWl7W4PsxIBbXcazh2zviWWyXG+7l+JLsBfKONuODVDWoP/Jc
u6CsZd50zvwibt0YyMk5r05QF7k1+ZX/YG/96pAONpm73uYFMjo=
=amtI
-----END PGP SIGNATURE-----

News for package ffmpeg