CLD-289 Details

Other IDs this deficiency may be known by:

CVE ID CVE-2018-6912 (nvd) (mitre) (debian) (archlinux) (red hat) (suse) (ubuntu)
Other ID(s)

Basic Information:

Affected Package(s) ffmpeg
Deficiency Type SECURITY
Date Created 2018-02-12 14:27:09
Date Last Modified 2018-02-12 15:32:29

Version Specific Information:

Cucumber 1.0 i686 unknown
Cucumber 1.0 x86_64 unknown

Cucumber 1.1 i686 unknown
Cucumber 1.1 x86_64 unknown

Details:

This has been fixed in the commit
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/76cc0f0f673353cd4746cd3b83838ae335e5d9ed.
This commit doesn't backport cleanly to FFmpeg 3.3.x; the code it patches is
not present in FFmpeg 3.3.x. Despite the claim in the Mitre CVE dictionary that
this affectes 'FFmpeg through 3.4.2', this raises doubts as to whether or not
3.3.x is affected at all.