openSUSE-SU-2016:2556-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2016:2556-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/openSUSE-SU-2016:2556-1
Related
Published
2016-10-18T08:52:34Z
Modified
2016-10-18T08:52:34Z
Summary
Security update for ffmpeg
Details

This update for ffmpeg fixes multiple security issues in ffmpeg (boo#1003806)

These vulnerabilities can be triggered when processing specially crafted avi video content, and could lead to crashes or have unspecified further impact including potential code execution.

  • CVE-2016-7562: out-of-bounds array write fault via specially crafted avi files
  • CVE-2016-7502: out-of-bounds array write via incorrect block values
  • CVE-2016-7905: null-point-exception when decoding avi files with crafted 'gab2' structs
  • CVE-2016-7555: memory leak when decoding avi files with crafted 'strh' struct
  • CVE-2016-7785: assert fault via avi files with crafted 'strh' struct
References

Affected packages

SUSE:Package Hub 12 SP1 / ffmpeg

Package

Name
ffmpeg
Purl
pkg:rpm/suse/ffmpeg&distro=SUSE%20Package%20Hub%2012%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.8.8-6.1

Ecosystem specific

{
    "binaries": [
        {
            "libavresample2": "2.8.8-6.1",
            "libavresample-devel": "2.8.8-6.1",
            "libswscale3": "2.8.8-6.1",
            "libavcodec56": "2.8.8-6.1",
            "libavdevice-devel": "2.8.8-6.1",
            "libswresample1": "2.8.8-6.1",
            "libavdevice56": "2.8.8-6.1",
            "libavutil-devel": "2.8.8-6.1",
            "libavcodec-devel": "2.8.8-6.1",
            "libpostproc53": "2.8.8-6.1",
            "ffmpeg": "2.8.8-6.1",
            "libpostproc-devel": "2.8.8-6.1",
            "libswscale-devel": "2.8.8-6.1",
            "ffmpeg-devel": "2.8.8-6.1",
            "libswresample-devel": "2.8.8-6.1",
            "libavformat56": "2.8.8-6.1",
            "libavfilter-devel": "2.8.8-6.1",
            "libavfilter5": "2.8.8-6.1",
            "libavformat-devel": "2.8.8-6.1",
            "libavutil54": "2.8.8-6.1"
        }
    ]
}