+++ This bug was initially created as a clone of Bug #31675 +++ Fedora has issued an advisory today (March 14): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FTSFKF7VKRUQBG3BV5JUKE7ZZLGPI34D/ The issues are fixed upstream in 6.0. Mageia 8 is also affected. These CVEs came from Chrome. I don't see any added patches in the Chromium source code, though they might have just updated the ffmpeg source itself. Leaving this bug for when/if we get any additional information on these CVEs.
Status comment: (none) => Fixed upstream in 6.0
See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=31796
CC: (none) => nicolas.salgueroWhiteboard: (none) => MGA9TOO
See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=32964
SUSE has issued an advisory on April 29: https://lwn.net/Articles/971733/
Status comment: Fixed upstream in 6.0 => Fixed upstream in 7.0Summary: ffmpeg new security issues CVE-2023-092[7-9], CVE-2023-093[0-3], CVE-2023-0941, CVE-2023-121[3-9], CVE-2023-122[0-7] => ffmpeg new security issues CVE-2023-092[7-9], CVE-2023-093[0-3], CVE-2023-0941, CVE-2023-121[3-9], CVE-2023-122[0-7], CVE-2023-49502, CVE-2024-31578