openSUSE-SU-2017:1532-1: moderate: Security update for ffmpeg

openSUSE Security Update: Security update for ffmpeg ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:1532-1 Rating: moderate References: #1015120 #1022921 #1022922 #1034176 #1034177 #1034179 #980542 Cross-References: CVE-2016-10191 CVE-2016-10192 CVE-2016-9561 CVE-2017-7863 CVE-2017-7865 CVE-2017-7866 Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 ______________________________________________________________________________ An update that solves 6 vulnerabilities and has one errata is now available. Description: ffmpeg was updated to fix the following security issues: CVE-2016-10191: remote exploitaion results code execution ((bsc#1022921) CVE-2016-10192: remote exploitaion results code execution bsc#1022922) CVE-2017-7866: stack-based buffer overflow (bsc#1034176) CVE-2017-7865: heap-based buffer overflow (bsc#1034177) CVE-2017-7863: heap-based buffer overflow (bsc#1034179) CVE-2016-9561: Huge amount memory allocated, resulting in DoS (bsc#1015120) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Package Hub for SUSE Linux Enterprise 12: zypper in -t patch openSUSE-2017-672=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x x86_64): ffmpeg2-devel-2.8.11-12.1 libavcodec56-2.8.11-12.1 libavdevice56-2.8.11-12.1 libavfilter5-2.8.11-12.1 libavformat56-2.8.11-12.1 libavresample2-2.8.11-12.1 libavutil54-2.8.11-12.1 libpostproc53-2.8.11-12.1 libswresample1-2.8.11-12.1 libswscale3-2.8.11-12.1 References: https://www.suse.com/security/cve/CVE-2016-10191.html https://www.suse.com/security/cve/CVE-2016-10192.html https://www.suse.com/security/cve/CVE-2016-9561.html https://www.suse.com/security/cve/CVE-2017-7863.html https://www.suse.com/security/cve/CVE-2017-7865.html https://www.suse.com/security/cve/CVE-2017-7866.html https://bugzilla.suse.com/1015120 https://bugzilla.suse.com/1022921 https://bugzilla.suse.com/1022922 https://bugzilla.suse.com/1034176 https://bugzilla.suse.com/1034177 https://bugzilla.suse.com/1034179 https://bugzilla.suse.com/980542