Security update for ffmpeg SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:2120-1 Final 1 1 2015-11-27T12:50:49Z current 2015-11-27T12:50:49Z 2015-11-27T12:50:49Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ffmpeg The ffmpeg package was updated to version 2.8.2 to fix the following security and non security issues: - CVE-2015-8216: Fixed the ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c which could cause a denial of service (out-of-bounds array access) (bnc#955346). - CVE-2015-8217: Fixed the ff_hevc_parse_sps function in libavcodec/hevc_ps.c which could cause a denial of service (out-of-bounds array access) (bnc#955347). - CVE-2015-8218: Fixed the decode_uncompressed function in libavcodec/faxcompr.c which could cause a denial of service (out-of-bounds array access) (bnc#955348). - CVE-2015-8219: Fixed the init_tile function in libavcodec/jpeg2000dec.c which could cause a denial of service (out-of-bounds array access) (bnc#955350). - Update to new upstream release 2.8.2 * various fixes in the aac_fixed decoder * various fixes in softfloat * swresample/resample: increase precision for compensation * lavf/mov: add support for sidx fragment indexes * avformat/mxfenc: Only store user comment related tags when needed * ffmpeg: Don't try and write sdp info if none of the outputs had an rtp format. * apng: use correct size for output buffer * jvdec: avoid unsigned overflow in comparison * avcodec/jpeg2000dec: Clip all tile coordinates * avcodec/microdvddec: Check for string end in 'P' case * avcodec/dirac_parser: Fix undefined memcpy() use * avformat/xmv: Discard remainder of packet on error * avformat/xmv: factor return check out of if/else * avcodec/mpeg12dec: Do not call show_bits() with invalid bits * avcodec/faxcompr: Add missing runs check in decode_uncompressed() * libavutil/channel_layout: Check strtol*() for failure * avformat/mpegts: Only start probing data streams within probe_packets * avcodec/hevc_ps: Check chroma_format_idc * avcodec/ffv1dec: Check for 0 quant tables * avcodec/mjpegdec: Reinitialize IDCT on BPP changes * avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan() before using it * avcodec/h264_slice: Disable slice threads if there are multiple access units in a packet * avformat/hls: update cookies on setcookie response * opusdec: Don't run vector_fmul_scalar on zero length arrays * avcodec/opusdec: Fix extra samples read index * avcodec/ffv1: Initialize vlc_state on allocation * avcodec/ffv1dec: update progress in case of broken pointer chains * avcodec/ffv1dec: Clear slice coordinates if they are invalid or slice header decoding fails for other reasons * rtsp: Allow $ as interleaved packet indicator before a complete response header * videodsp: don't overread edges in vfix3 emu_edge. * avformat/mp3dec: improve junk skipping heuristic * concatdec: fix file_start_time calculation regression * avcodec: loongson optimize h264dsp idct and loop filter with mmi * avcodec/jpeg2000dec: Clear properties in jpeg2000_dec_cleanup() too * avformat/hls: add support for EXT-X-MAP * avformat/hls: fix segment selection regression on track changes of live streams * configure: Require libkvazaar < 0.7. * avcodec/vp8: Do not use num_coeff_partitions in thread/buffer setup - Drop ffmpeg-mov-sidx-fragment.patch, fixed upstream. - Update to new upstream release 2.8.1 * Minor bugfix release * Includes all changes from. Ffmpeg-mt, libav master of 2015-08-28, libav 11 as of 2015-08-28 - Add ffmpeg-mov-sidx-fragment.patch to add sidx fragment indexes. Needed for new mpv release. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2015-11/msg00146.html E-Mail link for openSUSE-SU-2015:2120-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 ffmpeg-2.8.2-3.1 ffmpeg-devel-2.8.2-3.1 libavcodec-devel-2.8.2-3.1 libavcodec56-2.8.2-3.1 libavcodec56-32bit-2.8.2-3.1 libavdevice-devel-2.8.2-3.1 libavdevice56-2.8.2-3.1 libavdevice56-32bit-2.8.2-3.1 libavfilter-devel-2.8.2-3.1 libavfilter5-2.8.2-3.1 libavfilter5-32bit-2.8.2-3.1 libavformat-devel-2.8.2-3.1 libavformat56-2.8.2-3.1 libavformat56-32bit-2.8.2-3.1 libavresample-devel-2.8.2-3.1 libavresample2-2.8.2-3.1 libavresample2-32bit-2.8.2-3.1 libavutil-devel-2.8.2-3.1 libavutil54-2.8.2-3.1 libavutil54-32bit-2.8.2-3.1 libpostproc-devel-2.8.2-3.1 libpostproc53-2.8.2-3.1 libpostproc53-32bit-2.8.2-3.1 libswresample-devel-2.8.2-3.1 libswresample1-2.8.2-3.1 libswresample1-32bit-2.8.2-3.1 libswscale-devel-2.8.2-3.1 libswscale3-2.8.2-3.1 libswscale3-32bit-2.8.2-3.1 ffmpeg-2.8.2-3.1 as a component of openSUSE Leap 42.1 ffmpeg-devel-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavcodec-devel-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavcodec56-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavcodec56-32bit-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavdevice-devel-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavdevice56-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavdevice56-32bit-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavfilter-devel-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavfilter5-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavfilter5-32bit-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavformat-devel-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavformat56-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavformat56-32bit-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavresample-devel-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavresample2-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavresample2-32bit-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavutil-devel-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavutil54-2.8.2-3.1 as a component of openSUSE Leap 42.1 libavutil54-32bit-2.8.2-3.1 as a component of openSUSE Leap 42.1 libpostproc-devel-2.8.2-3.1 as a component of openSUSE Leap 42.1 libpostproc53-2.8.2-3.1 as a component of openSUSE Leap 42.1 libpostproc53-32bit-2.8.2-3.1 as a component of openSUSE Leap 42.1 libswresample-devel-2.8.2-3.1 as a component of openSUSE Leap 42.1 libswresample1-2.8.2-3.1 as a component of openSUSE Leap 42.1 libswresample1-32bit-2.8.2-3.1 as a component of openSUSE Leap 42.1 libswscale-devel-2.8.2-3.1 as a component of openSUSE Leap 42.1 libswscale3-2.8.2-3.1 as a component of openSUSE Leap 42.1 libswscale3-32bit-2.8.2-3.1 as a component of openSUSE Leap 42.1 The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data. CVE-2015-8216 openSUSE Leap 42.1:ffmpeg-2.8.2-3.1 openSUSE Leap 42.1:ffmpeg-devel-2.8.2-3.1 openSUSE Leap 42.1:libavcodec-devel-2.8.2-3.1 openSUSE Leap 42.1:libavcodec56-2.8.2-3.1 openSUSE Leap 42.1:libavcodec56-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavdevice-devel-2.8.2-3.1 openSUSE Leap 42.1:libavdevice56-2.8.2-3.1 openSUSE Leap 42.1:libavdevice56-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavfilter-devel-2.8.2-3.1 openSUSE Leap 42.1:libavfilter5-2.8.2-3.1 openSUSE Leap 42.1:libavfilter5-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavformat-devel-2.8.2-3.1 openSUSE Leap 42.1:libavformat56-2.8.2-3.1 openSUSE Leap 42.1:libavformat56-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavresample-devel-2.8.2-3.1 openSUSE Leap 42.1:libavresample2-2.8.2-3.1 openSUSE Leap 42.1:libavresample2-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavutil-devel-2.8.2-3.1 openSUSE Leap 42.1:libavutil54-2.8.2-3.1 openSUSE Leap 42.1:libavutil54-32bit-2.8.2-3.1 openSUSE Leap 42.1:libpostproc-devel-2.8.2-3.1 openSUSE Leap 42.1:libpostproc53-2.8.2-3.1 openSUSE Leap 42.1:libpostproc53-32bit-2.8.2-3.1 openSUSE Leap 42.1:libswresample-devel-2.8.2-3.1 openSUSE Leap 42.1:libswresample1-2.8.2-3.1 openSUSE Leap 42.1:libswresample1-32bit-2.8.2-3.1 openSUSE Leap 42.1:libswscale-devel-2.8.2-3.1 openSUSE Leap 42.1:libswscale3-2.8.2-3.1 openSUSE Leap 42.1:libswscale3-32bit-2.8.2-3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-11/msg00146.html https://www.suse.com/security/cve/CVE-2015-8216.html CVE-2015-8216 https://bugzilla.suse.com/955346 SUSE Bug 955346 The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted High Efficiency Video Coding (HEVC) data. CVE-2015-8217 openSUSE Leap 42.1:ffmpeg-2.8.2-3.1 openSUSE Leap 42.1:ffmpeg-devel-2.8.2-3.1 openSUSE Leap 42.1:libavcodec-devel-2.8.2-3.1 openSUSE Leap 42.1:libavcodec56-2.8.2-3.1 openSUSE Leap 42.1:libavcodec56-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavdevice-devel-2.8.2-3.1 openSUSE Leap 42.1:libavdevice56-2.8.2-3.1 openSUSE Leap 42.1:libavdevice56-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavfilter-devel-2.8.2-3.1 openSUSE Leap 42.1:libavfilter5-2.8.2-3.1 openSUSE Leap 42.1:libavfilter5-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavformat-devel-2.8.2-3.1 openSUSE Leap 42.1:libavformat56-2.8.2-3.1 openSUSE Leap 42.1:libavformat56-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavresample-devel-2.8.2-3.1 openSUSE Leap 42.1:libavresample2-2.8.2-3.1 openSUSE Leap 42.1:libavresample2-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavutil-devel-2.8.2-3.1 openSUSE Leap 42.1:libavutil54-2.8.2-3.1 openSUSE Leap 42.1:libavutil54-32bit-2.8.2-3.1 openSUSE Leap 42.1:libpostproc-devel-2.8.2-3.1 openSUSE Leap 42.1:libpostproc53-2.8.2-3.1 openSUSE Leap 42.1:libpostproc53-32bit-2.8.2-3.1 openSUSE Leap 42.1:libswresample-devel-2.8.2-3.1 openSUSE Leap 42.1:libswresample1-2.8.2-3.1 openSUSE Leap 42.1:libswresample1-32bit-2.8.2-3.1 openSUSE Leap 42.1:libswscale-devel-2.8.2-3.1 openSUSE Leap 42.1:libswscale3-2.8.2-3.1 openSUSE Leap 42.1:libswscale3-32bit-2.8.2-3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-11/msg00146.html https://www.suse.com/security/cve/CVE-2015-8217.html CVE-2015-8217 https://bugzilla.suse.com/955347 SUSE Bug 955347 The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data. CVE-2015-8218 openSUSE Leap 42.1:ffmpeg-2.8.2-3.1 openSUSE Leap 42.1:ffmpeg-devel-2.8.2-3.1 openSUSE Leap 42.1:libavcodec-devel-2.8.2-3.1 openSUSE Leap 42.1:libavcodec56-2.8.2-3.1 openSUSE Leap 42.1:libavcodec56-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavdevice-devel-2.8.2-3.1 openSUSE Leap 42.1:libavdevice56-2.8.2-3.1 openSUSE Leap 42.1:libavdevice56-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavfilter-devel-2.8.2-3.1 openSUSE Leap 42.1:libavfilter5-2.8.2-3.1 openSUSE Leap 42.1:libavfilter5-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavformat-devel-2.8.2-3.1 openSUSE Leap 42.1:libavformat56-2.8.2-3.1 openSUSE Leap 42.1:libavformat56-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavresample-devel-2.8.2-3.1 openSUSE Leap 42.1:libavresample2-2.8.2-3.1 openSUSE Leap 42.1:libavresample2-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavutil-devel-2.8.2-3.1 openSUSE Leap 42.1:libavutil54-2.8.2-3.1 openSUSE Leap 42.1:libavutil54-32bit-2.8.2-3.1 openSUSE Leap 42.1:libpostproc-devel-2.8.2-3.1 openSUSE Leap 42.1:libpostproc53-2.8.2-3.1 openSUSE Leap 42.1:libpostproc53-32bit-2.8.2-3.1 openSUSE Leap 42.1:libswresample-devel-2.8.2-3.1 openSUSE Leap 42.1:libswresample1-2.8.2-3.1 openSUSE Leap 42.1:libswresample1-32bit-2.8.2-3.1 openSUSE Leap 42.1:libswscale-devel-2.8.2-3.1 openSUSE Leap 42.1:libswscale3-2.8.2-3.1 openSUSE Leap 42.1:libswscale3-32bit-2.8.2-3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-11/msg00146.html https://www.suse.com/security/cve/CVE-2015-8218.html CVE-2015-8218 https://bugzilla.suse.com/955348 SUSE Bug 955348 The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data. CVE-2015-8219 openSUSE Leap 42.1:ffmpeg-2.8.2-3.1 openSUSE Leap 42.1:ffmpeg-devel-2.8.2-3.1 openSUSE Leap 42.1:libavcodec-devel-2.8.2-3.1 openSUSE Leap 42.1:libavcodec56-2.8.2-3.1 openSUSE Leap 42.1:libavcodec56-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavdevice-devel-2.8.2-3.1 openSUSE Leap 42.1:libavdevice56-2.8.2-3.1 openSUSE Leap 42.1:libavdevice56-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavfilter-devel-2.8.2-3.1 openSUSE Leap 42.1:libavfilter5-2.8.2-3.1 openSUSE Leap 42.1:libavfilter5-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavformat-devel-2.8.2-3.1 openSUSE Leap 42.1:libavformat56-2.8.2-3.1 openSUSE Leap 42.1:libavformat56-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavresample-devel-2.8.2-3.1 openSUSE Leap 42.1:libavresample2-2.8.2-3.1 openSUSE Leap 42.1:libavresample2-32bit-2.8.2-3.1 openSUSE Leap 42.1:libavutil-devel-2.8.2-3.1 openSUSE Leap 42.1:libavutil54-2.8.2-3.1 openSUSE Leap 42.1:libavutil54-32bit-2.8.2-3.1 openSUSE Leap 42.1:libpostproc-devel-2.8.2-3.1 openSUSE Leap 42.1:libpostproc53-2.8.2-3.1 openSUSE Leap 42.1:libpostproc53-32bit-2.8.2-3.1 openSUSE Leap 42.1:libswresample-devel-2.8.2-3.1 openSUSE Leap 42.1:libswresample1-2.8.2-3.1 openSUSE Leap 42.1:libswresample1-32bit-2.8.2-3.1 openSUSE Leap 42.1:libswscale-devel-2.8.2-3.1 openSUSE Leap 42.1:libswscale3-2.8.2-3.1 openSUSE Leap 42.1:libswscale3-32bit-2.8.2-3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-11/msg00146.html https://www.suse.com/security/cve/CVE-2015-8219.html CVE-2015-8219 https://bugzilla.suse.com/955350 SUSE Bug 955350