[SECURITY] [DLA 1630-1] libav security update

Package : libav Version : 6:11.12-1deb8u4 CVE ID : CVE-2017-9993 CVE-2017-9994 CVE-2017-14055 CVE-2017-14056 CVE-2017-14057 CVE-2017-14170 CVE-2017-14171 CVE-2017-14767 CVE-2017-15672 CVE-2017-17130 CVE-2018-6621 CVE-2018-7557 CVE-2018-14394 CVE-2018-1999010 Several security vulnerabilities were...

Debian: Security Advisory (DLA-1630-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-3996-1 : ffmpeg - security update

Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed Real, MV, RL2, ASF, Apple HLS, Phantom Cine, MXF, NSV, MOV or RTP H.264 files/streams are processed. %NASLMINLEVEL...

[SECURITY] [DSA 3996-1] ffmpeg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3996-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 10, 2017 https://www.debian.org/security/faq -...

[ASA-201709-23] ffmpeg2.8: denial of service

Arch Linux Security Advisory ASA-201709-23 ========================================== Severity: Medium Date : 2017-09-28 CVE-ID : CVE-2017-14055 CVE-2017-14056 CVE-2017-14057 CVE-2017-14058 CVE-2017-14059 CVE-2017-14169 CVE-2017-14170 CVE-2017-14171 CVE-2017-14225 Package : ffmpeg2.8 Type : denia...

openSUSE Security Update : ffmpeg / ffmpeg2 (openSUSE-2017-1067)

This update introduces lame and twolame. For ffmpeg2 it updates to version 2.8.13 and fixes several issues. These security issues were fixed : - CVE-2017-14058: The readdata function in libavformat/hls.c did not restrict reload attempts for an insufficient list, which allowed remote attackers to...

openSUSE Security Update : ffmpeg / ffmpeg2 (openSUSE-2017-1068)

This update introduces lame and twolame. For ffmpeg2 it updates to version 2.8.13 and fixes several issues. These security issues were fixed : - CVE-2017-14058: The readdata function in libavformat/hls.c did not restrict reload attempts for an insufficient list, which allowed remote attackers to...

CVE-2017-14057

In FFmpeg 3.3.3, a DoS in asfreadmarker due to lack of an EOF End of File check might cause huge CPU and memory consumption. When a crafted ASF file, which claims a large "namelen" or "count" field in the header but does not contain sufficient backing data, is provided, the loops over the name an...

CVE-2017-14057

FFmpeg vulnerability CVE-2017-14057 (affecting FFmpeg 3.3.3) is a denial-of-service in asf_read_marker() caused by missing EOF checks; crafted ASF files with large header fields can lead to unbounded CPU/memory from loops over name and markers. Public advisories (Debian DSA-3996-1, openSUSE/openS...