Score:0

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM / 22.10 : FFmpeg vulnerabilities (USN-5958-1) after running nessus scan


So I have run several Nessus scans to check for vulnerabilities on my Ubuntu 20.04 setup and I keep getting this vulnerability.

I have followed this: https://ubuntu.com/security/notices/USN-5958-1 and tried to update every package there for Ubuntu 20.04, but I get 2 packages that have conflicts:

```
The following packages have unmet dependencies:
 libavcodec-extra58 : Conflicts: libavcodec58
 libavfilter-extra7 : Conflicts: libavfilter7
```

So I don't know how to solve this and resolve the vulnerability.

EDIT: I could install the packages but now my problem is that following the link above, when I try to update packages like:

`libavcodec-extra - 7:4.2.7-0ubuntu0.1+esm1` it gives me an error:

```
E: Version '7:4.2.7-0ubuntu0.1+esm1' for 'ffmpeg' was not found
```

It happens for every package ending in `*+esm1`.

Thank you!

Artur Meinild
Your problem is a dependency problem that has nothing to do with vulnerabilities. Please see below.
Raul
Thank you for your answer @ArturMeinild, that helped to update the packages. But it's true I still have the vulnerability, maybe it's because I cannot install the packages ending in `+esm1` as it tells me for example `E: Version '7:4.2.7-0ubuntu0.1+esm1' for 'ffmpeg' was not found`. I don't know what to do then.
Artur Meinild
Also see [here](https://askubuntu.com/questions/1452497/what-are-esm-apps-and-how-do-they-relate-to-ubuntu-pro). You're not missing anything that you had before. ESM patching for Universe is a new service. Nessus is a "cheap" solution that only scans for package names.
Raul
Oh I understand now, okay so in my case I don't have Ubuntu Pro so I cannot install ESM packages. Then if I have every package from https://ubuntu.com/security/notices/USN-5958-1 updated to its version (without the esm1 flag), why am I still getting the vulnerability?
Artur Meinild
Because upstream security patches were never provided to Universe before - and they aren't on Arm or other platforms either. You have 2 choices: Subscribe to Ubuntu Pro, or just live with it.
Raul
Oh, I get it, thank you very much, that answers everything
Raul
Yes thank you, @ArturMeinild gave a perfect solution :)