Debian Package Tracker

general

source: ffmpeg (main)
version: 7:4.1.1-1
maintainer: Debian Multimedia Maintainers (archive) [DMD]
uploaders: Andreas Cadhalpun [DMD] – James Cowgill [DMD] – Balint Reczey [DMD] – Alexander Strasser [DMD] – Reinhard Tartler [DMD]
arch: all any
std-ver: 4.2.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

old-bpo: 7:3.2.10-1~deb9u1~bpo8+1
stable: 7:3.2.12-1~deb9u1
stable-sec: 7:3.2.12-1~deb9u1
testing: 7:4.1-1
unstable: 7:4.1.1-1

versioned links

7:3.2.5-1~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7:3.2.10-1~deb9u1~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7:3.2.12-1~deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7:4.0.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7:4.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7:4.1.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

ffmpeg
ffmpeg-doc
libavcodec-dev
libavcodec-extra
libavcodec-extra58
libavcodec58
libavdevice-dev
libavdevice58
libavfilter-dev
libavfilter-extra
libavfilter-extra7
libavfilter7
libavformat-dev
libavformat58
libavresample-dev
libavresample4
libavutil-dev
libavutil56
libpostproc-dev
libpostproc55
libswresample-dev
libswresample3
libswscale-dev
libswscale5

action needed

1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:

CVE-2019-1000016: FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcodec/cbs_av1.c that can result in Denial of service. This attack appears to be exploitable via specially crafted AV1 file has to be provided as input. This vulnerability appears to have been fixed in after commit b97a4b658814b2de8b9f2a3bce491c002d34de31.

Please fix it.

Created: 2019-02-05 Last update: 2019-02-15 19:00

Depends on packages which need a new maintainer normal

The packages that ffmpeg depends on which need a new maintainer are:

libcdio-paranoia (#881910)
- Build-Depends: libcdio-paranoia-dev
- Depends: libcdio-cdda2 libcdio-paranoia2
libiec61883 (#826285)
- Build-Depends: libiec61883-dev
- Depends: libiec61883-0

Created: 2017-12-02 Last update: 2019-02-21 23:30

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2019-01-02 Last update: 2019-02-21 20:34

lintian reports 8 warnings normal

Lintian reports 8 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2019-01-16 Last update: 2019-01-16 09:09

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2018-15822: The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 4.0.2 does not check for an empty audio packet, leading to an assertion failure.
CVE-2018-1999011: FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via specially crafted ASF file that has to be provided as input to FFmpeg. This vulnerability appears to have been fixed in 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 and later.

Please fix them.

Created: 2017-12-01 Last update: 2019-02-15 19:00

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2018-10-01 Last update: 2018-10-01 03:04

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.3.0 instead of 4.2.1).

Created: 2018-12-23 Last update: 2019-02-15 18:43

testing migrations

This package will soon be part of the auto-x265 transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
excuses:
- Too young, only 7 of 10 days old
- Piuparts tested OK - https://piuparts.debian.org/sid/source/f/ffmpeg.html
- Required age reduced by 0 days because of autopkgtest
- Checking build-dependency (indep) on amd64
- Not considered

news

[rss feed]

[2019-02-15] Accepted ffmpeg 7:4.1.1-1 (source) into unstable (James Cowgill)
[2018-12-31] ffmpeg 7:4.1-1 MIGRATED to testing (Debian testing watch)
[2018-12-22] Accepted ffmpeg 7:4.1-1 (source) into unstable (James Cowgill)
[2018-11-06] ffmpeg 7:4.0.3-1 MIGRATED to testing (Debian testing watch)
[2018-11-03] Accepted ffmpeg 7:4.0.3-1 (source) into unstable (James Cowgill)
[2018-09-25] ffmpeg 7:4.0.2-2 MIGRATED to testing (Debian testing watch)
[2018-09-25] ffmpeg 7:4.0.2-2 MIGRATED to testing (Debian testing watch)
[2018-09-22] Accepted ffmpeg 7:4.0.2-2 (source) into unstable (James Cowgill)
[2018-08-04] Accepted ffmpeg 7:3.2.12-1~deb9u1 (source) into proposed-updates->stable-new, proposed-updates (James Cowgill)
[2018-07-29] Accepted ffmpeg 7:3.2.12-1~deb9u1 (source) into stable->embargoed, stable (James Cowgill)
[2018-07-24] ffmpeg 7:4.0.2-1 MIGRATED to testing (Debian testing watch)
[2018-07-24] ffmpeg 7:4.0.2-1 MIGRATED to testing (Debian testing watch)
[2018-07-21] Accepted ffmpeg 7:4.0.2-1 (source) into unstable (James Cowgill)
[2018-07-19] Accepted ffmpeg 7:3.2.11-1~deb9u1 (source) into proposed-updates->stable-new, proposed-updates (James Cowgill)
[2018-07-18] Accepted ffmpeg 7:4.0.1-2 (source) into unstable (James Cowgill)
[2018-07-17] Accepted ffmpeg 7:3.2.11-1~deb9u1 (source) into stable->embargoed, stable (James Cowgill)
[2018-07-13] ffmpeg 7:3.4.3-1 MIGRATED to testing (Debian testing watch)
[2018-07-11] Accepted ffmpeg 7:4.0.1-1 (source) into experimental (Sebastian Ramacher)
[2018-07-10] Accepted ffmpeg 7:3.4.3-1 (source) into unstable (Sebastian Ramacher)
[2018-06-06] Accepted ffmpeg 7:4.0-3 (source) into experimental (James Cowgill)
[2018-05-06] Accepted ffmpeg 7:4.0-2 (source) into experimental (James Cowgill)
[2018-04-22] Accepted ffmpeg 7:4.0-1 (source) into experimental (James Cowgill)
[2018-04-14] ffmpeg 7:3.4.2-2 MIGRATED to testing (Debian testing watch)
[2018-04-09] Accepted ffmpeg 7:3.4.2-2 (source) into unstable (James Cowgill)
[2018-02-18] ffmpeg 7:3.4.2-1 MIGRATED to testing (Debian testing watch)
[2018-02-12] Accepted ffmpeg 7:3.4.2-1 (source) into unstable (James Cowgill)
[2018-02-11] Accepted ffmpeg 7:3.2.10-1~deb9u1~bpo8+1 (source all) into jessie-backports->backports-policy, jessie-backports (James Cowgill)
[2018-02-08] Accepted ffmpeg 7:3.2.10-1~deb9u1 (source) into proposed-updates->stable-new, proposed-updates (James Cowgill)
[2018-01-24] Accepted ffmpeg 7:3.5~git20180113-1 (source amd64 all) into experimental, experimental (James Cowgill)
[2017-12-17] ffmpeg 7:3.4.1-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 8 9
RC: 0
I&N: 3 4
M&W: 5
F&P: 0
patch: 0

links

homepage
lintian (0, 8)
buildd: logs, checks, clang, reproducibility
popcon
debci
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 7:4.1.1-1
5 bugs