This update for ffmpeg-4 to version 4.0.2 fixes the following issues:
These security issues were fixed:
- CVE-2018-15822: The flv_write_packet function did not check for an empty
audio packet, leading to an assertion failure and DoS (bsc#1105869).
- CVE-2018-13300: An improper argument passed to the avpriv_request_sample
function may have triggered an out-of-array read while converting a
crafted AVI file to MPEG4, leading to a denial of service and possibly
an information disclosure (bsc#1100348).
These non-security issues were fixed:
- Enable webvtt encoders and decoders (boo#1092241).
- Build codec2 encoder and decoder, add libcodec2 to enable_decoders and
- Enable mpeg 1 and 2 encoders.
This update was imported from the openSUSE:Leap:15.0:Update update project.