5 matches found
Debian DLA-1654-1 : libav security update
Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. CVE-2014-8542 libavcodec/utils.c omitted a certain codec ID during enforcement of alignment, which allowed remote attackers to cause a denial of ervice out-of-bounds access or possibly...
openSUSE Security Update : ffmpeg / ffmpeg2 (openSUSE-2017-1067)
This update introduces lame and twolame. For ffmpeg2 it updates to version 2.8.13 and fixes several issues. These security issues were fixed : - CVE-2017-14058: The readdata function in libavformat/hls.c did not restrict reload attempts for an insufficient list, which allowed remote attackers to...
openSUSE Security Update : ffmpeg2 (openSUSE-2017-631)
This update for ffmpeg2 fixes security issues, bugs, and enables AC3 and MP3 decoding. The following vulnerabilities were fixed : - CVE-2017-7863: heap-based buffer overflow bsc1034179 - CVE-2017-7865: heap-based buffer overflow bsc1034177 - CVE-2017-7866: stack-based buffer overflow bsc1034176 -...
openSUSE Security Update : ffmpeg (openSUSE-2017-524)
This update for ffmpeg to version 3.3 fixes several issues. These security issues were fixed : - CVE-2016-10190: Heap-based buffer overflow in libavformat/http.c in FFmpeg allowed remote web servers to execute arbitrary code via a negative chunk size in an HTTP response boo1022920 - CVE-2016-1019...
CVE-2017-7863
CVE-2017-7863 is a FFmpeg vulnerability: an out-of-bounds write caused by a heap-based buffer overflow in libavcodec/pngdec.c (decode_frame_common). The impact is an out-of-bounds write that could affect affected FFmpeg builds. Public documents confirm the issue and reference FFmpeg/libav demuxer...