SUSE-SU-2018:2305-1 -- SLES ffmpeg, libavcodec57, libavutil-devel, libavutil55, libpostproc-devel, libpostproc54, libswresample-devel, libswresample2, libswscale-devel, libswscale4ID: oval:org.secpod.oval:def:89049596 | Date: (C)2023-11-10 (M)2023-11-10 |
Class: PATCH | Family: unix |
This update for ffmpeg fixes the following issues: Security issues fixed: - CVE-2018-13302: Fixed out of array access issue . - CVE-2018-1999010: Fixed multiple out of array access vulnerabilities in the mms protocol that could result in accessing out of bound data via specially crafted input files - CVE-2018-1999011: Fixed a heap buffer overflow in asf_o format demuxer that could result in remote code execution - CVE-2018-1999012: Fixed an infinite loop vulnerability in pva format demuxer that could result in excessive amount of ressource allocation like CPU an RAM . - CVE-2018-1999013: Fixed an use-after-free vulnerability in the realmedia demuxer that could allow remote attackers to read heap memory
Platform: |
SUSE Linux Enterprise Desktop 15 |
Product: |
ffmpeg |
libavcodec57 |
libavutil-devel |
libavutil55 |
libpostproc-devel |
libpostproc54 |
libswresample-devel |
libswresample2 |
libswscale-devel |
libswscale4 |