Mailinglist Archive: opensuse-updates (116 mails)

< Previous Next >
openSUSE-SU-2017:1531-1: moderate: Security update for ffmpeg
openSUSE Security Update: Security update for ffmpeg
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:1531-1
Rating: moderate
References: #1015120 #1022921 #1022922
Cross-References: CVE-2016-10191 CVE-2016-10192 CVE-2016-9561
CVE-2017-5024 CVE-2017-5025
Affected Products:
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________

An update that fixes 5 vulnerabilities is now available.

Description:

This update of ffmpeg to version 3.1.8 fixes the following security issues:

- CVE-2016-9561: DoS through huge memory allocation (bsc#1015120)
- CVE-2016-10191: remote code execution vulnerability (bsc#1022921)
- CVE-2016-10192: remote code execution vulnerability (bsc#1022922)
- CVE-2017-5024: Heap overflow
- CVE-2017-5025: Heap overflow


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Package Hub for SUSE Linux Enterprise 12:

zypper in -t patch openSUSE-2017-673=1

To bring your system up-to-date, use "zypper patch".


Package List:

- SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x
x86_64):

ffmpeg-3.1.8-8.1
ffmpeg-debuginfo-3.1.8-8.1
ffmpeg-debugsource-3.1.8-8.1
libavcodec-devel-3.1.8-8.1
libavcodec57-3.1.8-8.1
libavcodec57-debuginfo-3.1.8-8.1
libavdevice-devel-3.1.8-8.1
libavdevice57-3.1.8-8.1
libavdevice57-debuginfo-3.1.8-8.1
libavfilter-devel-3.1.8-8.1
libavfilter6-3.1.8-8.1
libavfilter6-debuginfo-3.1.8-8.1
libavformat-devel-3.1.8-8.1
libavformat57-3.1.8-8.1
libavformat57-debuginfo-3.1.8-8.1
libavresample-devel-3.1.8-8.1
libavresample3-3.1.8-8.1
libavresample3-debuginfo-3.1.8-8.1
libavutil-devel-3.1.8-8.1
libavutil55-3.1.8-8.1
libavutil55-debuginfo-3.1.8-8.1
libpostproc-devel-3.1.8-8.1
libpostproc54-3.1.8-8.1
libpostproc54-debuginfo-3.1.8-8.1
libswresample-devel-3.1.8-8.1
libswresample2-3.1.8-8.1
libswresample2-debuginfo-3.1.8-8.1
libswscale-devel-3.1.8-8.1
libswscale4-3.1.8-8.1
libswscale4-debuginfo-3.1.8-8.1


References:

https://www.suse.com/security/cve/CVE-2016-10191.html
https://www.suse.com/security/cve/CVE-2016-10192.html
https://www.suse.com/security/cve/CVE-2016-9561.html
https://www.suse.com/security/cve/CVE-2017-5024.html
https://www.suse.com/security/cve/CVE-2017-5025.html
https://bugzilla.suse.com/1015120
https://bugzilla.suse.com/1022921
https://bugzilla.suse.com/1022922


< Previous Next >
This Thread
  • No further messages