Overview

File _patchinfo of Package patchinfo.4481

<patchinfo incident="4481">
  <issue id="960383" tracker="bnc">VUL-0: CVE-2015-8663: ffmpeg: The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4preserves width and height v...</issue>
  <issue id="960384" tracker="bnc">VUL-0: CVE-2015-8662: ffmpeg: The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4does not validate the ...</issue>
  <issue id="960385" tracker="bnc">VUL-0: CVE-2015-8661: ffmpeg: The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before2.8.3 does not valid...</issue>
  <issue id="CVE-2015-8663" tracker="cve" />
  <issue id="CVE-2015-8662" tracker="cve" />
  <issue id="CVE-2015-8661" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>jengelh</packager>
  <description>
This update to ffmpeg 2.8.4 fixes the following issues:

* CVE-2015-8661: Denial of service via crafted .mov file [boo#960385]
* CVE-2015-8662: Denial of service via crafted JPEG 2000 data [boo#960384]
* CVE-2015-8663: Denial of service via crafted H.264 data [boo#960383]
</description>
  <summary>Security update for ffmpeg</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places