openSUSE-SU-2017:1121-1

Опубликовано: 28 апр. 2017

Источник: suse-cvrf

Описание

Security update for ffmpeg

This update for ffmpeg to version 3.3 fixes several issues.

These security issues were fixed:

CVE-2016-10190: Heap-based buffer overflow in libavformat/http.c in FFmpeg allowed remote web servers to execute arbitrary code via a negative chunk size in an HTTP response (boo#1022920)
CVE-2016-10191: Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg allowed remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches (boo#1022921)
CVE-2016-10192: Heap-based buffer overflow in ffserver.c in FFmpeg allowed remote attackers to execute arbitrary code by leveraging failure to check chunk size (boo#1022922)
CVE-2017-7859: FFmpeg had an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c (bsc#1034183).
CVE-2017-7862: FFmpeg had an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c (bsc#1034181).
CVE-2017-7863: FFmpeg had an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c (boo#1034179)
CVE-2017-7865: FFmpeg had an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c (boo#1034177)
CVE-2017-7866: FFmpeg had an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c (boo#1034176)

These non-security issues were fixed:

Enable ac3
Enable mp3 decoding
EBU R128 implementation now within ffmpeg, not relying on external library anymore
New video filters 'premultiply', 'readeia608', 'threshold', 'midequalizer'
Support for spherical videos
New decoders: 16.8 and 24.0 floating point PCM, XPM
New demuxers: MIDI Sample Dump Standard, Sample Dump eXchange demuxer
MJPEG encoding uses Optimal Huffman tables now
Native Opus encoder
Support .mov with multiple sample description tables
Removed the legacy X11 screen grabber, use XCB instead
Removed asyncts filter (use af_aresample instead)

Список пакетов

openSUSE Leap 42.2

ffmpeg-3.3-6.6.1

libavcodec-devel-3.3-6.6.1

libavcodec57-3.3-6.6.1

libavcodec57-32bit-3.3-6.6.1

libavdevice-devel-3.3-6.6.1

libavdevice57-3.3-6.6.1

libavdevice57-32bit-3.3-6.6.1

libavfilter-devel-3.3-6.6.1

libavfilter6-3.3-6.6.1

libavfilter6-32bit-3.3-6.6.1

libavformat-devel-3.3-6.6.1

libavformat57-3.3-6.6.1

libavformat57-32bit-3.3-6.6.1

libavresample-devel-3.3-6.6.1

libavresample3-3.3-6.6.1

libavresample3-32bit-3.3-6.6.1

libavutil-devel-3.3-6.6.1

libavutil55-3.3-6.6.1

libavutil55-32bit-3.3-6.6.1

libpostproc-devel-3.3-6.6.1

libpostproc54-3.3-6.6.1

libpostproc54-32bit-3.3-6.6.1

libswresample-devel-3.3-6.6.1

libswresample2-3.3-6.6.1

libswresample2-32bit-3.3-6.6.1

libswscale-devel-3.3-6.6.1

libswscale4-3.3-6.6.1

libswscale4-32bit-3.3-6.6.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-04/msg00106.html
E-Mail link for openSUSE-SU-2017:1121-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response.

Затронутые продукты

openSUSE Leap 42.2:ffmpeg-3.3-6.6.1

openSUSE Leap 42.2:libavcodec-devel-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-32bit-3.3-6.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-10190.html
CVE-2016-10190
https://bugzilla.suse.com/1022920
SUSE Bug 1022920

Описание

Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches.

Затронутые продукты

openSUSE Leap 42.2:ffmpeg-3.3-6.6.1

openSUSE Leap 42.2:libavcodec-devel-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-32bit-3.3-6.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-10191.html
CVE-2016-10191
https://bugzilla.suse.com/1022921
SUSE Bug 1022921

Описание

Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size.

Затронутые продукты

openSUSE Leap 42.2:ffmpeg-3.3-6.6.1

openSUSE Leap 42.2:libavcodec-devel-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-32bit-3.3-6.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-10192.html
CVE-2016-10192
https://bugzilla.suse.com/1022922
SUSE Bug 1022922

Описание

FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c.

Затронутые продукты

openSUSE Leap 42.2:ffmpeg-3.3-6.6.1

openSUSE Leap 42.2:libavcodec-devel-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-32bit-3.3-6.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-7859.html
CVE-2017-7859
https://bugzilla.suse.com/1034183
SUSE Bug 1034183

Описание

FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c.

Затронутые продукты

openSUSE Leap 42.2:ffmpeg-3.3-6.6.1

openSUSE Leap 42.2:libavcodec-devel-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-32bit-3.3-6.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-7862.html
CVE-2017-7862
https://bugzilla.suse.com/1034181
SUSE Bug 1034181

Описание

FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c.

Затронутые продукты

openSUSE Leap 42.2:ffmpeg-3.3-6.6.1

openSUSE Leap 42.2:libavcodec-devel-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-32bit-3.3-6.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-7863.html
CVE-2017-7863
https://bugzilla.suse.com/1034179
SUSE Bug 1034179

Описание

FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c.

Затронутые продукты

openSUSE Leap 42.2:ffmpeg-3.3-6.6.1

openSUSE Leap 42.2:libavcodec-devel-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-32bit-3.3-6.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-7865.html
CVE-2017-7865
https://bugzilla.suse.com/1034177
SUSE Bug 1034177

Описание

FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c.

Затронутые продукты

openSUSE Leap 42.2:ffmpeg-3.3-6.6.1

openSUSE Leap 42.2:libavcodec-devel-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-3.3-6.6.1

openSUSE Leap 42.2:libavcodec57-32bit-3.3-6.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-7866.html
CVE-2017-7866
https://bugzilla.suse.com/1034176
SUSE Bug 1034176

openSUSE-SU-2017:1121-1

Описание

Список пакетов

openSUSE Leap 42.2

Ссылки

Уязвимость: CVE-2016-10190

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-10191

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2016-10192

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2017-7859

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2017-7862

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2017-7863

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2017-7865

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2017-7866

Описание

Затронутые продукты

Ссылки