Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.3:Update
patchinfo.7791
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.7791
<patchinfo incident="7791"> <issue id="1064577" tracker="bnc">VUL-0: CVE-2017-15186: ffmpeg: Double free when parsing AVI file to MKV file usingffvhuff decoder</issue> <issue id="1069407" tracker="bnc">VUL-0: CVE-2017-16840: ffmpeg: The VC-2 Video Compression encoder allows remote attackers to cause DoS (out-of-bounds read)</issue> <issue id="1070762" tracker="bnc">VUL-0: CVE-2017-17081: ffmpeg: The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 3.4 does notproperly validate widths and heights, which allows remote attackers to cause adenial of service (integer signedness error and out-of-array</issue> <issue id="1072366" tracker="bnc">VUL-1: CVE-2017-17555: ffmpeg: The swri_audio_convert function allows remote attackers to cause a DoS</issue> <issue id="1078488" tracker="bnc">VUL-0: CVE-2018-6392: ffmpeg: The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1allows remote attackers to cause a denial of service (out-of-array access) via acrafted MP4 file.</issue> <issue id="1079368" tracker="bnc">VUL-0: CVE-2018-6621: ffmpeg: denial of service inside the decode_frame function in libavcodec/utvideodec.c</issue> <issue id="1066428" tracker="bnc">VUL-0: CVE-2017-15672: ffmpeg: out-of-array read in slice counting</issue> <issue id="2017-17555" tracker="cve" /> <issue id="2017-15672" tracker="cve" /> <issue id="2017-15186" tracker="cve" /> <issue id="2018-6392" tracker="cve" /> <issue id="2017-16840" tracker="cve" /> <issue id="2018-6621" tracker="cve" /> <issue id="2017-17081" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>jengelh</packager> <description>This update for ffmpeg fixes the following issues: Updated ffmpeg to new bugfix release 3.4.2 * Fix integer overflows, multiplication overflows, undefined shifts, and verify buffer lengths. * avfilter/vf_transpose: Fix used plane count [boo#1078488, CVE-2018-6392] * avcodec/utvideodec: Fix bytes left check in decode_frame() [boo#1079368, CVE-2018-6621] - Enable use of libzvbi for displaying teletext subtitles. - Fixed a DoS in swri_audio_convert() [boo#1072366, CVE-2017-17555]. Update to new bugfix release 3.4.1 * Fixed integer overflows, division by zero, illegal bit shifts * Fixed the gmc_mmx function which failed to validate width and height [boo#1070762, CVE-2017-17081] * Fixed out-of-bounds in VC-2 encoder [boo#1069407, CVE-2017-16840] * ffplay: use SDL2 audio API - install also doc/ffserver.conf - Update to new upstream release 3.4 * New video filters: deflicker, doublewave, lumakey, pixscope, oscilloscope, robterts, limiter, libvmaf, unpremultiply, tlut2, floodifll, pseudocolor, despill, convolve, vmafmotion. * New audio filters: afir, crossfeed, surround, headphone, superequalizer, haas. * Some video filters with several inputs now use a common set of options: blend, libvmaf, lut3d, overlay, psnr, ssim. They must always be used by name. * librsvg support for svg rasterization * spec-compliant VP9 muxing support in MP4 * Remove the libnut and libschroedinger muxer/demuxer wrappers * drop deprecated qtkit input device (use avfoundation instead) * SUP/PGS subtitle muxer * VP9 tile threading support * KMS screen grabber * CUDA thumbnail filter * V4L2 mem2mem HW assisted codecs * Rockchip MPP hardware decoding * (Not in openSUSE builds, only original ones:) * Gremlin Digital Video demuxer and decoder * Additional frame format support for Interplay MVE movies * Dolby E decoder and SMPTE 337M demuxer * raw G.726 muxer and demuxer, left- and right-justified * NewTek NDI input/output device * FITS demuxer, muxer, decoder and encoder - Fixed a double free in huffyuv [boo#1064577, CVE-2017-15186] - Fixed an out-of-bounds in ffv1dec [boo#1066428, CVE-2017-15672] </description> <summary>Security update for ffmpeg</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor