openSUSE-SU-2017:1121-1: moderate: Security update for ffmpeg

openSUSE Security Update: Security update for ffmpeg ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:1121-1 Rating: moderate References: #1022920 #1022921 #1022922 #1034176 #1034177 #1034179 #1034181 #1034183 Cross-References: CVE-2016-10190 CVE-2016-10191 CVE-2016-10192 CVE-2017-7859 CVE-2017-7862 CVE-2017-7863 CVE-2017-7865 CVE-2017-7866 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update for ffmpeg to version 3.3 fixes several issues. These security issues were fixed: - CVE-2016-10190: Heap-based buffer overflow in libavformat/http.c in FFmpeg allowed remote web servers to execute arbitrary code via a negative chunk size in an HTTP response (boo#1022920) - CVE-2016-10191: Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg allowed remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches (boo#1022921) - CVE-2016-10192: Heap-based buffer overflow in ffserver.c in FFmpeg allowed remote attackers to execute arbitrary code by leveraging failure to check chunk size (boo#1022922) - CVE-2017-7859: FFmpeg had an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c (bsc#1034183). - CVE-2017-7862: FFmpeg had an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c (bsc#1034181). - CVE-2017-7863: FFmpeg had an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c (boo#1034179) - CVE-2017-7865: FFmpeg had an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c (boo#1034177) - CVE-2017-7866: FFmpeg had an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c (boo#1034176) These non-security issues were fixed: - Enable ac3 - Enable mp3 decoding - EBU R128 implementation now within ffmpeg, not relying on external library anymore - New video filters "premultiply", "readeia608", "threshold", "midequalizer" - Support for spherical videos - New decoders: 16.8 and 24.0 floating point PCM, XPM - New demuxers: MIDI Sample Dump Standard, Sample Dump eXchange demuxer - MJPEG encoding uses Optimal Huffman tables now - Native Opus encoder - Support .mov with multiple sample description tables - Removed the legacy X11 screen grabber, use XCB instead - Removed asyncts filter (use af_aresample instead) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-524=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): ffmpeg-3.3-6.6.1 ffmpeg-debuginfo-3.3-6.6.1 ffmpeg-debugsource-3.3-6.6.1 libavcodec-devel-3.3-6.6.1 libavcodec57-3.3-6.6.1 libavcodec57-debuginfo-3.3-6.6.1 libavdevice-devel-3.3-6.6.1 libavdevice57-3.3-6.6.1 libavdevice57-debuginfo-3.3-6.6.1 libavfilter-devel-3.3-6.6.1 libavfilter6-3.3-6.6.1 libavfilter6-debuginfo-3.3-6.6.1 libavformat-devel-3.3-6.6.1 libavformat57-3.3-6.6.1 libavformat57-debuginfo-3.3-6.6.1 libavresample-devel-3.3-6.6.1 libavresample3-3.3-6.6.1 libavresample3-debuginfo-3.3-6.6.1 libavutil-devel-3.3-6.6.1 libavutil55-3.3-6.6.1 libavutil55-debuginfo-3.3-6.6.1 libpostproc-devel-3.3-6.6.1 libpostproc54-3.3-6.6.1 libpostproc54-debuginfo-3.3-6.6.1 libswresample-devel-3.3-6.6.1 libswresample2-3.3-6.6.1 libswresample2-debuginfo-3.3-6.6.1 libswscale-devel-3.3-6.6.1 libswscale4-3.3-6.6.1 libswscale4-debuginfo-3.3-6.6.1 - openSUSE Leap 42.2 (x86_64): libavcodec57-32bit-3.3-6.6.1 libavcodec57-debuginfo-32bit-3.3-6.6.1 libavdevice57-32bit-3.3-6.6.1 libavdevice57-debuginfo-32bit-3.3-6.6.1 libavfilter6-32bit-3.3-6.6.1 libavfilter6-debuginfo-32bit-3.3-6.6.1 libavformat57-32bit-3.3-6.6.1 libavformat57-debuginfo-32bit-3.3-6.6.1 libavresample3-32bit-3.3-6.6.1 libavresample3-debuginfo-32bit-3.3-6.6.1 libavutil55-32bit-3.3-6.6.1 libavutil55-debuginfo-32bit-3.3-6.6.1 libpostproc54-32bit-3.3-6.6.1 libpostproc54-debuginfo-32bit-3.3-6.6.1 libswresample2-32bit-3.3-6.6.1 libswresample2-debuginfo-32bit-3.3-6.6.1 libswscale4-32bit-3.3-6.6.1 libswscale4-debuginfo-32bit-3.3-6.6.1 References: https://www.suse.com/security/cve/CVE-2016-10190.html https://www.suse.com/security/cve/CVE-2016-10191.html https://www.suse.com/security/cve/CVE-2016-10192.html https://www.suse.com/security/cve/CVE-2017-7859.html https://www.suse.com/security/cve/CVE-2017-7862.html https://www.suse.com/security/cve/CVE-2017-7863.html https://www.suse.com/security/cve/CVE-2017-7865.html https://www.suse.com/security/cve/CVE-2017-7866.html https://bugzilla.suse.com/1022920 https://bugzilla.suse.com/1022921 https://bugzilla.suse.com/1022922 https://bugzilla.suse.com/1034176 https://bugzilla.suse.com/1034177 https://bugzilla.suse.com/1034179 https://bugzilla.suse.com/1034181 https://bugzilla.suse.com/1034183