FAAD2: Multiple vulnerabilities
Multiple vulnerabilities have been found in FAAD2, the worst of
which could result in the arbitrary execution of code.
faad2
2020-06-15
2020-06-15
695540
local, remote
2.9.0
2.9.0
FAAD2 is an open source MPEG-4 and MPEG-2 AAC decoder.
Multiple vulnerabilities have been discovered in FAAD2. Please review
the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All FAAD2 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/faad2-2.9.0"
CVE-2018-19502
CVE-2018-19503
CVE-2018-19504
CVE-2018-20194
CVE-2018-20195
CVE-2018-20196
CVE-2018-20197
CVE-2018-20198
CVE-2018-20199
CVE-2018-20357
CVE-2018-20358
CVE-2018-20359
CVE-2018-20360
CVE-2018-20361
CVE-2018-20362
CVE-2019-15296
CVE-2019-6956
BlueKnight
sam_c