Описание
Security update for ffmpeg-7
This update for ffmpeg-7 fixes the following issues:
- Updated to version 7.1.2:
- avcodec/librsvgdec: fix compilation with librsvg 2.50.3
- libavfilter/af_firequalizer: Add check for av_malloc_array()
- avcodec/libsvtav1: unbreak build with latest svtav1
- avformat/hls: Fix Youtube AAC
- Various bugfixes.
- CVE-2025-7700: Fixed NULL Pointer Dereference in ALS Decoder (bsc#1246790)
Список пакетов
openSUSE Leap 16.0
ffmpeg-7-7.1.2-160000.1.1
ffmpeg-7-libavcodec-devel-7.1.2-160000.1.1
ffmpeg-7-libavdevice-devel-7.1.2-160000.1.1
ffmpeg-7-libavfilter-devel-7.1.2-160000.1.1
ffmpeg-7-libavformat-devel-7.1.2-160000.1.1
ffmpeg-7-libavutil-devel-7.1.2-160000.1.1
ffmpeg-7-libpostproc-devel-7.1.2-160000.1.1
ffmpeg-7-libswresample-devel-7.1.2-160000.1.1
ffmpeg-7-libswscale-devel-7.1.2-160000.1.1
libavcodec61-7.1.2-160000.1.1
libavdevice61-7.1.2-160000.1.1
libavfilter10-7.1.2-160000.1.1
libavformat61-7.1.2-160000.1.1
libavutil59-7.1.2-160000.1.1
libpostproc58-7.1.2-160000.1.1
libswresample5-7.1.2-160000.1.1
libswscale8-7.1.2-160000.1.1
Ссылки
- SUSE Security Ratings
- SUSE Bug 1246790
- SUSE CVE CVE-2025-7700 page
Описание
A flaw was found in FFmpeg's ALS audio decoder, where it does not properly check for memory allocation failures. This can cause the application to crash when processing certain malformed audio files. While it does not lead to data theft or system control, it can be used to disrupt services and cause a denial of service.
Затронутые продукты
openSUSE Leap 16.0:ffmpeg-7-7.1.2-160000.1.1
openSUSE Leap 16.0:ffmpeg-7-libavcodec-devel-7.1.2-160000.1.1
openSUSE Leap 16.0:ffmpeg-7-libavdevice-devel-7.1.2-160000.1.1
openSUSE Leap 16.0:ffmpeg-7-libavfilter-devel-7.1.2-160000.1.1
Ссылки
- CVE-2025-7700
- SUSE Bug 1246790