Security
Security
Multiple vulnerabilities have been found in MediaInfo and MediaInfoLib, the worst of which could allow user-assisted remote code execution.
| Package | media-libs/libmediainfo on all architectures |
|---|---|
| Affected versions | < 23.10 |
| Unaffected versions | >= 23.10 |
| Package | media-video/mediainfo on all architectures |
|---|---|
| Affected versions | < 23.10 |
| Unaffected versions | >= 23.10 |
MediaInfo supplies technical and tag information about media files. MediaInfoLib contains MediaInfo libraries.
Multiple vulnerabilities have been discovered in MediaInfo and MediaInfoLib. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All MediaInfo users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-video/mediainfo-23.10"
All MediaInfolib users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/libmediainfo-23.10"