FFmpeg < 6.1 affected by a security issue, and a memory leak

9 views

Skip to first unread message

Greg Logan

unread,

Feb 26, 2024, 11:54:27 AM2/26/24

to security...@opencast.org, Opencast Users, d...@opencast.org

Hi all,

The FFmpeg project recently released a security advisory relating to some code in FFmpeg 6.x, which affected our distribution. We began upgrading to FFmpeg 6.1, however [1] exposed a memory leak in the build we were using. Because of this, we have recently upgraded the ffmpeg version in our repositories to N-68649-g40c5c19eac, which contains a fix for the leak, as well as the security issue. If you are using a different distribution of ffmpeg you may need to patch manually.

If you are on Opencast 14, or 15, this is a drop-in replacement, and should happen automatically when you do your normal OS patching. The Docker containers also already contain the upgraded ffmpeg version. Older releases of Opencast should not be affected.

Thanks,

1: https://github.com/opencast/opencast/issues/5595

Reply all

Reply to author

Forward

0 new messages