Advisories » MGASA-2019-0223

Updated mythtv packages fix security issues

Publication date: 18 Aug 2019
Modification date: 17 Feb 2022
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-15822

Description

This update provides and update to mythtv 30, and updates the bundled
ffmpeg to 3.2. It also fixes at least the following issue:

The flv_write_packet function in libavformat/flvenc.c in FFmpeg through
 4.0.2 does not check for an empty audio packet, leading to an assertion
failure (CVE-2018-15822).  

It also fixes mythbackend missing needed environment variables (mga#24104).

For other changes/fixes in this update, see the referenced Release Notes.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=24099
• https://bugs.mageia.org/show_bug.cgi?id=24104
• https://www.mythtv.org/wiki/Release_Notes_-_29
• https://www.mythtv.org/wiki/Release_Notes_-_30
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15822

SRPMS

6/core

• mythtv-30.0-20190121.1.mga6
• mythtv-mythweb-30.0-1.mga6
• hdhomerun-20180817-1.mga6

6/tainted

• mythtv-30.0-20190121.1.mga6.tainted