Security update for ffmpeg
ffmpeg was updated to fix the following security issues:
CVE-2016-10191: remote exploitaion results code execution ((bsc#1022921)
CVE-2016-10192: remote exploitaion results code execution bsc#1022922)
CVE-2017-7866: stack-based buffer overflow (bsc#1034176)
CVE-2017-7865: heap-based buffer overflow (bsc#1034177)
CVE-2017-7863: heap-based buffer overflow (bsc#1034179)
CVE-2016-9561: Huge amount memory allocated, resulting in DoS (bsc#1015120)
-
Submitted by
Andreas Stieger (AndreasStieger)
Fixed bugs
bnc#980542
ffmpeg fails to build with BUILD_ORIG = 1 due to missing pkgconfig(opencore-amrnb)
bnc#1022921
VUL-0: CVE-2016-10191: ffmpeg: remote exploitaion results code execution [ 2 - libavformat/rtmppkt.c ]
bnc#1022922
VUL-0: CVE-2016-10192: ffmpeg: remote exploitaion results code execution [ 3 - ffserver.c ]
bnc#1034176
VUL-0: CVE-2017-7866: ffmpeg: stack-based buffer overflow (decode_zbuf function in libavcodec/pngdec.c)
bnc#1034177
VUL-0: CVE-2017-7865: ffmpeg: heap-based buffer overflow (ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c)
bnc#1034179
VUL-0: CVE-2017-7863: ffmpeg: heap-based buffer overflow (decode_frame_common function in libavcodec/pngdec.c)
bnc#1015120
VUL-0: CVE-2016-9561: ffmpeg: Huge amount memory allocated, resulting in DoS of ffmpeg
