openSUSE-SU-2017:1531-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2017:1531-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/openSUSE-SU-2017:1531-1
Related
Published
2017-06-11T09:31:47Z
Modified
2017-06-11T09:31:47Z
Summary
Security update for ffmpeg
Details

This update of ffmpeg to version 3.1.8 fixes the following security issues:

  • CVE-2016-9561: DoS through huge memory allocation (bsc#1015120)
  • CVE-2016-10191: remote code execution vulnerability (bsc#1022921)
  • CVE-2016-10192: remote code execution vulnerability (bsc#1022922)
  • CVE-2017-5024: Heap overflow
  • CVE-2017-5025: Heap overflow
References

Affected packages

SUSE:Package Hub 12 SP2 / ffmpeg

Package

Name
ffmpeg
Purl
pkg:rpm/suse/ffmpeg&distro=SUSE%20Package%20Hub%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.1.8-8.1

Ecosystem specific

{
    "binaries": [
        {
            "libavresample-devel": "3.1.8-8.1",
            "libavdevice57": "3.1.8-8.1",
            "libavdevice-devel": "3.1.8-8.1",
            "libswresample2": "3.1.8-8.1",
            "libavcodec57": "3.1.8-8.1",
            "libavfilter6": "3.1.8-8.1",
            "libavutil-devel": "3.1.8-8.1",
            "libavcodec-devel": "3.1.8-8.1",
            "ffmpeg": "3.1.8-8.1",
            "libpostproc-devel": "3.1.8-8.1",
            "libswscale4": "3.1.8-8.1",
            "libswscale-devel": "3.1.8-8.1",
            "libavformat-devel": "3.1.8-8.1",
            "libswresample-devel": "3.1.8-8.1",
            "libavformat57": "3.1.8-8.1",
            "libavresample3": "3.1.8-8.1",
            "libavfilter-devel": "3.1.8-8.1",
            "libpostproc54": "3.1.8-8.1",
            "libavutil55": "3.1.8-8.1"
        }
    ]
}