A denial of service in the subtitle decoder in FFmpeg 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.
samba: SMB/CIFS file, print, and login server for Unix Details: USN-6425-1 fixed vulnerabilities in Samba. Due to a build issue on Linux Mint 20.x LTS, the update introduced regressions in macro handling and possibly other functionality. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-6425-1 introduced a regression in Samba.
firefox: Mozilla Open Source web browser Details: USN-6404-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-6404-1 caused some minor regressions in Firefox.