Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Maintenance:6682
patchinfo
_patchinfo
Overview
Details
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo
<patchinfo incident="6682"> <issue id="1034179" tracker="bnc">VUL-0: CVE-2017-7863: ffmpeg: heap-based buffer overflow (decode_frame_common function in libavcodec/pngdec.c)</issue> <issue id="1034177" tracker="bnc">VUL-0: CVE-2017-7865: ffmpeg: heap-based buffer overflow (ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c)</issue> <issue id="1034176" tracker="bnc">VUL-0: CVE-2017-7866: ffmpeg: stack-based buffer overflow (decode_zbuf function in libavcodec/pngdec.c)</issue> <issue id="1022921" tracker="bnc">VUL-0: CVE-2016-10191: ffmpeg: remote exploitaion results code execution [ 2 - libavformat/rtmppkt.c ]</issue> <issue id="1022920" tracker="bnc">VUL-0: CVE-2016-10190: ffmpeg: remote exploitaion results code execution [ 1 - libavformat/http.c ]</issue> <issue id="1022922" tracker="bnc">VUL-0: CVE-2016-10192: ffmpeg: remote exploitaion results code execution [ 3 - ffserver.c ]</issue> <issue id="1015120" tracker="bnc">VUL-0: CVE-2016-9561: ffmpeg: Huge amount memory allocated, resulting in DoS of ffmpeg</issue> <issue id="2017-7865" tracker="cve" /> <issue id="2017-7866" tracker="cve" /> <issue id="2016-9561" tracker="cve" /> <issue id="2017-7863" tracker="cve" /> <issue id="2016-10191" tracker="cve" /> <issue id="2016-10190" tracker="cve" /> <issue id="2016-10192" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>jengelh</packager> <description>This update for ffmpeg2 fixes security issues, bugs, and enables AC3 and MP3 decoding. The following vulnerabilities were fixed: - CVE-2017-7863: heap-based buffer overflow (bsc#1034179) - CVE-2017-7865: heap-based buffer overflow (bsc#1034177) - CVE-2017-7866: stack-based buffer overflow (bsc#1034176) - CVE-2016-10191: remote code execution (bsc#1022921) - CVE-2016-10190: remote code execution (bsc#1022920) - CVE-2016-10192: remote code execution (bsc#1022922) - CVE-2016-9561: Huge amount memory allocated, resulting in DoS of ffmpeg (bsc#1015120) The following functionality was added: - Enable AC3 and MP3 decoding ffmpeg was updated to 2.8.11, containing a number of upstream improvements and fixes. </description> <summary>Security update for ffmpeg2</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor