Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2016:2934-1

Опубликовано: 28 нояб. 2016
Источник: suse-cvrf

Описание

Security update for ffmpeg

This update to ffmpeg 3.2 fixes the following issues:

  • CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892)

FFmpeg was updated to version 3.2, incorporating the following upstream improvements:

  • SDL2 output device and ffplay support
  • SDL1 output device and SDL1 support removed
  • New: libopenmpt demuxer, fifo muxer, True Audio (TTA) muxer
  • New filters: weave, gblur, avgblur, sobel, prewitt, vaguedenoiser, yuvtestsrc, lut2, hysteresis, maskedclamp, crystalizer, acrusher, bitplanenoise, sidedata, asidedata
  • Non-Local Means (nlmeans) denoising filter
  • 16-bit support in curves filter and selectivecolor filter
  • Added threads option per filter instance
  • The 'curves' filter does not automatically insert points at x=0 and x=1 anymore
  • Matroska muxer now writes CRC32 elements by default in all Level 1 elements
  • New 'tee' protocol
  • VP8 in Ogg muxing
  • Floating point support in ALS decoder
  • Extended mov edit list support
  • Changed mapping of RTP MIME type G726 to codec g726le.

Also contains a collection of upstream bug fixes.

Список пакетов

openSUSE Leap 42.2
ffmpeg-3.2-4.1
libavcodec-devel-3.2-4.1
libavcodec57-3.2-4.1
libavcodec57-32bit-3.2-4.1
libavdevice-devel-3.2-4.1
libavdevice57-3.2-4.1
libavdevice57-32bit-3.2-4.1
libavfilter-devel-3.2-4.1
libavfilter6-3.2-4.1
libavfilter6-32bit-3.2-4.1
libavformat-devel-3.2-4.1
libavformat57-3.2-4.1
libavformat57-32bit-3.2-4.1
libavresample-devel-3.2-4.1
libavresample3-3.2-4.1
libavresample3-32bit-3.2-4.1
libavutil-devel-3.2-4.1
libavutil55-3.2-4.1
libavutil55-32bit-3.2-4.1
libpostproc-devel-3.2-4.1
libpostproc54-3.2-4.1
libpostproc54-32bit-3.2-4.1
libswresample-devel-3.2-4.1
libswresample2-3.2-4.1
libswresample2-32bit-3.2-4.1
libswscale-devel-3.2-4.1
libswscale4-3.2-4.1
libswscale4-32bit-3.2-4.1

Ссылки

Описание

An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

Затронутые продукты
openSUSE Leap 42.2:ffmpeg-3.2-4.1
openSUSE Leap 42.2:libavcodec-devel-3.2-4.1
openSUSE Leap 42.2:libavcodec57-3.2-4.1
openSUSE Leap 42.2:libavcodec57-32bit-3.2-4.1
Ссылки
Уязвимость openSUSE-SU-2016:2934-1