Ubuntu’s current LTS version (24.04) contains ffmpeg version 7:6.1.1-3ubuntu5 which has this buffer overflow vulnerability:
https://trac.ffmpeg.org/ticket/10952
https://ubuntu.com/security/CVE-2024-32230
On my only Ubuntu computer, my update widget says that I need to upgrade to ffmpeg version 7:6.1.1-3ubuntu5+esm2 but can only only do so with Ubuntu Pro. I’m not eligible for Ubuntu Pro.
Ubuntu claims that 24.04 is currently fully supported, and should have complete security updates. However, they seem to have paywalled this security update.
What should I do?
You must log in or register to comment.
This comment should be deleted soon
However, Ubuntu started a service called Ubuntu Pro / ESM that provides updates for packages in universe.
Since it’s all free software, what gives Ubuntu the privilege to restrict these updates behind paywalls and signups?
Pro is also free for personal use on up to 5 machines, so there’s no reason not to enable it.
Fuck that bullshit. We shouldn’t be encouraging or enabling this behavior at all.
This comment should be deleted soon
