24 matches found
SUSE CVE-2018-15822
The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...
Mageia: Security Advisory (MGASA-2019-0223)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2019-0029)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:3609-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4431-1: FFmpeg vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to cause a denial of service via a crafted file. This issue only affected...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : FFmpeg vulnerabilities (USN-4431-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4431-1 advisory. It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to...
USN-4431-1: FFmpeg vulnerabilities
It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to cause a denial of service via a crafted file. This issue only affected Ubuntu 16.04 LTS, as it was already fixed in Ubuntu 18.04 LTS. For more information see:...
Debian: Security Advisory (DLA-1809-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-1809-1 : libav security update
Two more security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. CVE-2018-15822 The flvwritepacket function in libavformat/flvenc.c in libav did not check for an empty audio packet, leading to an assertion failure. CVE-2019-11338 libavcodec/hevcdec.c...
[SECURITY] [DLA 1809-1] libav security update
Package : libav Version : 6:11.12-1deb8u7 CVE ID : CVE-2018-15822 CVE-2019-11338 Two more security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. CVE-2018-15822 The flvwritepacket function in libavformat/flvenc.c in libav did not check for an empty...
[SECURITY] [DSA 4449-1] ffmpeg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4449-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 22, 2019 https://www.debian.org/security/faq -...
Security update for ffmpeg-4 (low)
openSUSE Security Update: Security update for ffmpeg-4 Announcement ID: openSUSE-SU-2019:1066-1 Rating: low References: 1092241 1100348 1105869 Cross-References: CVE-2018-13300 CVE-2018-15822 Affected Products: openSUSE Backports SLE-15 An update that solves two vulnerabilities and has one errata...
openSUSE Security Update : ffmpeg-4 (openSUSE-2019-691)
This update for ffmpeg-4 to version 4.0.2 fixes the following issues : These security issues were fixed : - CVE-2018-15822: The flvwritepacket function did not check for an empty audio packet, leading to an assertion failure and DoS bsc1105869. - CVE-2018-13300: An improper argument passed to the...
Updated live, ffmpeg, mplayer, and vlc packages fix security vulnerabilities
A bug in the server implementation of RTSP-over-HTTP in live could allow a denial-of-service attack. A bug in the server implementation of RTSP-over-HTTP could allow a buffer overflow, which could result in the execution of arbitrary code when parsing a malformed RTSP stream CVE-2018-4013. The...
SUSE SLED15 / SLES15 Security Update : ffmpeg (SUSE-SU-2018:3609-1)
This update for ffmpeg fixes the following issues : CVE-2018-13300: An improper argument passed to the avprivrequestsample function may have triggered an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure bsc110034...
Security update for ffmpeg-4 (low)
This update for ffmpeg-4 to version 4.0.2 fixes the following issues: These security issues were fixed: - CVE-2018-15822: The flvwritepacket function did not check for an empty audio packet, leading to an assertion failure and DoS bsc1105869. - CVE-2018-13300: An improper argument passed to the...
openSUSE Security Update : ffmpeg-4 (openSUSE-2018-1004)
This update for ffmpeg-4 to version 4.0.2 fixes the following issues : These security issues were fixed : - CVE-2018-15822: The flvwritepacket function did not check for an empty audio packet, leading to an assertion failure and DoS bsc1105869. - CVE-2018-13300: An improper argument passed to the...
openSUSE: Security Advisory for ffmpeg-4 (openSUSE-SU-2018:2723-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for ffmpeg-4 (low)
This update for ffmpeg-4 to version 4.0.2 fixes the following issues: These security issues were fixed: - CVE-2018-15822: The flvwritepacket function did not check for an empty audio packet, leading to an assertion failure and DoS bsc1105869. - CVE-2018-13300: An improper argument passed to the...
Security update for ffmpeg-4 (low)
This update for ffmpeg-4 to version 4.0.2 fixes the following issues: These security issues were fixed: - CVE-2018-15822: The flvwritepacket function did not check for an empty audio packet, leading to an assertion failure and DoS bsc1105869. - CVE-2018-13300: An improper argument passed to the...