"libavcodec may be vulnerable..." message in Firefox
There are a security issue described here:
Description
The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data.
the libav can be installed through:
sudo apt-get install libav-tools
The libav's version used by ubuntu 14.04 is 9.x and can be upgraded to 11.x as follow :
sudo add-apt-repository ppa:heyarje/libav-11
sudo apt-get update
sudo apt-get install libav-tools
Run:
sudo apt-get update && sudo apt-get upgrade
sudo apt-get dist-upgrade
to upgrade packages.
In case you can not upgrade your libav, you can force firefox to use the old version by changing this setting (-> about:config) :
media.libavcodec.allow-obsolete
The defaults setting is false , but you can change it to true .
GAD3R answer works if you are okay installing another repo, and ReneF's if you are okay with the security vulnerability.
If, like me, you don't care if some videos don't play, and you just want that damn message to disappear - without disabling libavcodec (because manually disabling means I'd have to manually re-enable once a fix comes out) - then you should go to about:config, and look for:
media.decoder-doctor.notifications-allowed
In the value field, you may see a comma-separated list of values; the one you want to remove is MediaUnsupportedLibavcodec. For example, my setting was:
MediaWMFNeeded,MediaWidevineNoWMFNoSilverlight,MediaUnsupportedLibavcodec
And I changed it to:
MediaWMFNeeded,MediaWidevineNoWMFNoSilverlight
Viola! No more annoying notification, and the videos which require the codec won't work. However, there's no security issue and but once the official repo pushes a fix, the videos will start working again without any further effort on your part.