Mailinglist Archive: opensuse-updates (116 mails)
< Previous | Next > |
openSUSE-SU-2017:1531-1: moderate: Security update for ffmpeg
- From: opensuse-security@xxxxxxxxxxxx
- Date: Sun, 11 Jun 2017 15:08:47 +0200 (CEST)
- Message-id: <20170611130847.22AA7101C8@maintenance.suse.de>
openSUSE Security Update: Security update for ffmpeg
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:1531-1
Rating: moderate
References: #1015120 #1022921 #1022922
Cross-References: CVE-2016-10191 CVE-2016-10192 CVE-2016-9561
CVE-2017-5024 CVE-2017-5025
Affected Products:
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update of ffmpeg to version 3.1.8 fixes the following security issues:
- CVE-2016-9561: DoS through huge memory allocation (bsc#1015120)
- CVE-2016-10191: remote code execution vulnerability (bsc#1022921)
- CVE-2016-10192: remote code execution vulnerability (bsc#1022922)
- CVE-2017-5024: Heap overflow
- CVE-2017-5025: Heap overflow
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Package Hub for SUSE Linux Enterprise 12:
zypper in -t patch openSUSE-2017-673=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x
x86_64):
ffmpeg-3.1.8-8.1
ffmpeg-debuginfo-3.1.8-8.1
ffmpeg-debugsource-3.1.8-8.1
libavcodec-devel-3.1.8-8.1
libavcodec57-3.1.8-8.1
libavcodec57-debuginfo-3.1.8-8.1
libavdevice-devel-3.1.8-8.1
libavdevice57-3.1.8-8.1
libavdevice57-debuginfo-3.1.8-8.1
libavfilter-devel-3.1.8-8.1
libavfilter6-3.1.8-8.1
libavfilter6-debuginfo-3.1.8-8.1
libavformat-devel-3.1.8-8.1
libavformat57-3.1.8-8.1
libavformat57-debuginfo-3.1.8-8.1
libavresample-devel-3.1.8-8.1
libavresample3-3.1.8-8.1
libavresample3-debuginfo-3.1.8-8.1
libavutil-devel-3.1.8-8.1
libavutil55-3.1.8-8.1
libavutil55-debuginfo-3.1.8-8.1
libpostproc-devel-3.1.8-8.1
libpostproc54-3.1.8-8.1
libpostproc54-debuginfo-3.1.8-8.1
libswresample-devel-3.1.8-8.1
libswresample2-3.1.8-8.1
libswresample2-debuginfo-3.1.8-8.1
libswscale-devel-3.1.8-8.1
libswscale4-3.1.8-8.1
libswscale4-debuginfo-3.1.8-8.1
References:
https://www.suse.com/security/cve/CVE-2016-10191.html
https://www.suse.com/security/cve/CVE-2016-10192.html
https://www.suse.com/security/cve/CVE-2016-9561.html
https://www.suse.com/security/cve/CVE-2017-5024.html
https://www.suse.com/security/cve/CVE-2017-5025.html
https://bugzilla.suse.com/1015120
https://bugzilla.suse.com/1022921
https://bugzilla.suse.com/1022922
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:1531-1
Rating: moderate
References: #1015120 #1022921 #1022922
Cross-References: CVE-2016-10191 CVE-2016-10192 CVE-2016-9561
CVE-2017-5024 CVE-2017-5025
Affected Products:
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update of ffmpeg to version 3.1.8 fixes the following security issues:
- CVE-2016-9561: DoS through huge memory allocation (bsc#1015120)
- CVE-2016-10191: remote code execution vulnerability (bsc#1022921)
- CVE-2016-10192: remote code execution vulnerability (bsc#1022922)
- CVE-2017-5024: Heap overflow
- CVE-2017-5025: Heap overflow
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Package Hub for SUSE Linux Enterprise 12:
zypper in -t patch openSUSE-2017-673=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x
x86_64):
ffmpeg-3.1.8-8.1
ffmpeg-debuginfo-3.1.8-8.1
ffmpeg-debugsource-3.1.8-8.1
libavcodec-devel-3.1.8-8.1
libavcodec57-3.1.8-8.1
libavcodec57-debuginfo-3.1.8-8.1
libavdevice-devel-3.1.8-8.1
libavdevice57-3.1.8-8.1
libavdevice57-debuginfo-3.1.8-8.1
libavfilter-devel-3.1.8-8.1
libavfilter6-3.1.8-8.1
libavfilter6-debuginfo-3.1.8-8.1
libavformat-devel-3.1.8-8.1
libavformat57-3.1.8-8.1
libavformat57-debuginfo-3.1.8-8.1
libavresample-devel-3.1.8-8.1
libavresample3-3.1.8-8.1
libavresample3-debuginfo-3.1.8-8.1
libavutil-devel-3.1.8-8.1
libavutil55-3.1.8-8.1
libavutil55-debuginfo-3.1.8-8.1
libpostproc-devel-3.1.8-8.1
libpostproc54-3.1.8-8.1
libpostproc54-debuginfo-3.1.8-8.1
libswresample-devel-3.1.8-8.1
libswresample2-3.1.8-8.1
libswresample2-debuginfo-3.1.8-8.1
libswscale-devel-3.1.8-8.1
libswscale4-3.1.8-8.1
libswscale4-debuginfo-3.1.8-8.1
References:
https://www.suse.com/security/cve/CVE-2016-10191.html
https://www.suse.com/security/cve/CVE-2016-10192.html
https://www.suse.com/security/cve/CVE-2016-9561.html
https://www.suse.com/security/cve/CVE-2017-5024.html
https://www.suse.com/security/cve/CVE-2017-5025.html
https://bugzilla.suse.com/1015120
https://bugzilla.suse.com/1022921
https://bugzilla.suse.com/1022922
< Previous | Next > |