SUSE-SU-2018:3609-1 -- SLES ffmpeg, libavcodec57, libavutil-devel, libavutil55, libpostproc-devel, libpostproc54, libswresample-devel, libswresample2, libswscale-devel, libswscale4ID: oval:org.secpod.oval:def:89049762 | Date: (C)2023-11-10 (M)2023-11-10 |
Class: PATCH | Family: unix |
This update for ffmpeg fixes the following issues: - CVE-2018-13300: An improper argument passed to the avpriv_request_sample function may have triggered an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure - CVE-2018-15822: The flv_write_packet function did not check for an empty audio packet, leading to an assertion failure and DoS - CVE-2018-13305: Due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service. - CVE-2018-12458: An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c might have triggered an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service. .
Platform: |
SUSE Linux Enterprise Desktop 15 |
Product: |
ffmpeg |
libavcodec57 |
libavutil-devel |
libavutil55 |
libpostproc-devel |
libpostproc54 |
libswresample-devel |
libswresample2 |
libswscale-devel |
libswscale4 |