unisoft 361 Posted 56 minutes ago Posted 56 minutes ago I see beta build 4.10.0.16-beta got a security update for FFMPEG under entry of Update ffmpeg build to disable magicyuv decoder The vulnerability is called “PixelSmash” (tracked as CVE-2026-8461), a critical heap out-of-bounds write in FFmpeg’s MagicYUV decoder. Are there plans to release just a security update for 4.9.5 customers? I don't run beta on production server and the beta going GA is probably some way off still. Thanks
GrimReaper 5029 Posted 38 minutes ago Posted 38 minutes ago (edited) 19 minutes ago, unisoft said: The vulnerability is called “PixelSmash” (tracked as CVE-2026-8461), a critical heap out-of-bounds write in FFmpeg’s MagicYUV decoder. You can follow related discussion here: 19 minutes ago, unisoft said: Are there plans to release just a security update for 4.9.5 customers? Doesn't appear so, more likely that the beta will be pushed as stable soon(ish). Edited 37 minutes ago by GrimReaper
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now