Security update for ffmpeg SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:0476-1 Final 1 1 2018-02-19T09:08:21Z current 2018-02-19T09:08:21Z 2018-02-19T09:08:21Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ffmpeg This update for ffmpeg fixes the following issues: Updated ffmpeg to new bugfix release 3.4.2 * Fix integer overflows, multiplication overflows, undefined shifts, and verify buffer lengths. * avfilter/vf_transpose: Fix used plane count [boo#1078488, CVE-2018-6392] * avcodec/utvideodec: Fix bytes left check in decode_frame() [boo#1079368, CVE-2018-6621] - Enable use of libzvbi for displaying teletext subtitles. - Fixed a DoS in swri_audio_convert() [boo#1072366, CVE-2017-17555]. Update to new bugfix release 3.4.1 * Fixed integer overflows, division by zero, illegal bit shifts * Fixed the gmc_mmx function which failed to validate width and height [boo#1070762, CVE-2017-17081] * Fixed out-of-bounds in VC-2 encoder [boo#1069407, CVE-2017-16840] * ffplay: use SDL2 audio API - install also doc/ffserver.conf - Update to new upstream release 3.4 * New video filters: deflicker, doublewave, lumakey, pixscope, oscilloscope, robterts, limiter, libvmaf, unpremultiply, tlut2, floodifll, pseudocolor, despill, convolve, vmafmotion. * New audio filters: afir, crossfeed, surround, headphone, superequalizer, haas. * Some video filters with several inputs now use a common set of options: blend, libvmaf, lut3d, overlay, psnr, ssim. They must always be used by name. * librsvg support for svg rasterization * spec-compliant VP9 muxing support in MP4 * Remove the libnut and libschroedinger muxer/demuxer wrappers * drop deprecated qtkit input device (use avfoundation instead) * SUP/PGS subtitle muxer * VP9 tile threading support * KMS screen grabber * CUDA thumbnail filter * V4L2 mem2mem HW assisted codecs * Rockchip MPP hardware decoding * (Not in openSUSE builds, only original ones:) * Gremlin Digital Video demuxer and decoder * Additional frame format support for Interplay MVE movies * Dolby E decoder and SMPTE 337M demuxer * raw G.726 muxer and demuxer, left- and right-justified * NewTek NDI input/output device * FITS demuxer, muxer, decoder and encoder - Fixed a double free in huffyuv [boo#1064577, CVE-2017-15186] - Fixed an out-of-bounds in ffv1dec [boo#1066428, CVE-2017-15672] The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2018-172 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1064577 SUSE Bug 1064577 https://bugzilla.suse.com/1066428 SUSE Bug 1066428 https://bugzilla.suse.com/1069407 SUSE Bug 1069407 https://bugzilla.suse.com/1070762 SUSE Bug 1070762 https://bugzilla.suse.com/1072366 SUSE Bug 1072366 https://bugzilla.suse.com/1078488 SUSE Bug 1078488 https://bugzilla.suse.com/1079368 SUSE Bug 1079368 https://www.suse.com/security/cve/CVE-2017-15186/ SUSE CVE CVE-2017-15186 page https://www.suse.com/security/cve/CVE-2017-15672/ SUSE CVE CVE-2017-15672 page https://www.suse.com/security/cve/CVE-2017-16840/ SUSE CVE CVE-2017-16840 page https://www.suse.com/security/cve/CVE-2017-17081/ SUSE CVE CVE-2017-17081 page https://www.suse.com/security/cve/CVE-2017-17555/ SUSE CVE CVE-2017-17555 page https://www.suse.com/security/cve/CVE-2018-6392/ SUSE CVE CVE-2018-6392 page https://www.suse.com/security/cve/CVE-2018-6621/ SUSE CVE CVE-2018-6621 page SUSE Package Hub 12 SP2 ffmpeg-3.4.2-14.1 libavcodec-devel-3.4.2-14.1 libavcodec57-3.4.2-14.1 libavdevice-devel-3.4.2-14.1 libavdevice57-3.4.2-14.1 libavfilter-devel-3.4.2-14.1 libavfilter6-3.4.2-14.1 libavformat-devel-3.4.2-14.1 libavformat57-3.4.2-14.1 libavresample-devel-3.4.2-14.1 libavresample3-3.4.2-14.1 libavutil-devel-3.4.2-14.1 libavutil55-3.4.2-14.1 libpostproc-devel-3.4.2-14.1 libpostproc54-3.4.2-14.1 libswresample-devel-3.4.2-14.1 libswresample2-3.4.2-14.1 libswscale-devel-3.4.2-14.1 libswscale4-3.4.2-14.1 ffmpeg-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libavcodec-devel-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libavcodec57-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libavdevice-devel-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libavdevice57-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libavfilter-devel-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libavfilter6-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libavformat-devel-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libavformat57-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libavresample-devel-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libavresample3-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libavutil-devel-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libavutil55-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libpostproc-devel-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libpostproc54-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libswresample-devel-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libswresample2-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libswscale-devel-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 libswscale4-3.4.2-14.1 as a component of SUSE Package Hub 12 SP2 Double free vulnerability in FFmpeg 3.3.4 and earlier allows remote attackers to cause a denial of service via a crafted AVI file. CVE-2017-15186 SUSE Package Hub 12 SP2:ffmpeg-3.4.2-14.1 SUSE Package Hub 12 SP2:libavcodec-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavcodec57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavdevice-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavdevice57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavfilter-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavfilter6-3.4.2-14.1 SUSE Package Hub 12 SP2:libavformat-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavformat57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavresample-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavresample3-3.4.2-14.1 SUSE Package Hub 12 SP2:libavutil-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavutil55-3.4.2-14.1 SUSE Package Hub 12 SP2:libpostproc-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libpostproc54-3.4.2-14.1 SUSE Package Hub 12 SP2:libswresample-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libswresample2-3.4.2-14.1 SUSE Package Hub 12 SP2:libswscale-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libswscale4-3.4.2-14.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15186.html CVE-2017-15186 https://bugzilla.suse.com/1064577 SUSE Bug 1064577 The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote attackers to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read. CVE-2017-15672 SUSE Package Hub 12 SP2:ffmpeg-3.4.2-14.1 SUSE Package Hub 12 SP2:libavcodec-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavcodec57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavdevice-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavdevice57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavfilter-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavfilter6-3.4.2-14.1 SUSE Package Hub 12 SP2:libavformat-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavformat57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavresample-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavresample3-3.4.2-14.1 SUSE Package Hub 12 SP2:libavutil-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavutil55-3.4.2-14.1 SUSE Package Hub 12 SP2:libpostproc-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libpostproc54-3.4.2-14.1 SUSE Package Hub 12 SP2:libswresample-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libswresample2-3.4.2-14.1 SUSE Package Hub 12 SP2:libswscale-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libswscale4-3.4.2-14.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15672.html CVE-2017-15672 https://bugzilla.suse.com/1066428 SUSE Bug 1066428 The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2enc_dwt.c. CVE-2017-16840 SUSE Package Hub 12 SP2:ffmpeg-3.4.2-14.1 SUSE Package Hub 12 SP2:libavcodec-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavcodec57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavdevice-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavdevice57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavfilter-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavfilter6-3.4.2-14.1 SUSE Package Hub 12 SP2:libavformat-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavformat57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavresample-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavresample3-3.4.2-14.1 SUSE Package Hub 12 SP2:libavutil-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavutil55-3.4.2-14.1 SUSE Package Hub 12 SP2:libpostproc-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libpostproc54-3.4.2-14.1 SUSE Package Hub 12 SP2:libswresample-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libswresample2-3.4.2-14.1 SUSE Package Hub 12 SP2:libswscale-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libswscale4-3.4.2-14.1 critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-16840.html CVE-2017-16840 https://bugzilla.suse.com/1069407 SUSE Bug 1069407 The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service (integer signedness error and out-of-array read) via a crafted MPEG file. CVE-2017-17081 SUSE Package Hub 12 SP2:ffmpeg-3.4.2-14.1 SUSE Package Hub 12 SP2:libavcodec-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavcodec57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavdevice-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavdevice57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavfilter-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavfilter6-3.4.2-14.1 SUSE Package Hub 12 SP2:libavformat-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavformat57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavresample-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavresample3-3.4.2-14.1 SUSE Package Hub 12 SP2:libavutil-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavutil55-3.4.2-14.1 SUSE Package Hub 12 SP2:libpostproc-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libpostproc54-3.4.2-14.1 SUSE Package Hub 12 SP2:libswresample-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libswresample2-3.4.2-14.1 SUSE Package Hub 12 SP2:libswscale-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libswscale4-3.4.2-14.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-17081.html CVE-2017-17081 https://bugzilla.suse.com/1070762 SUSE Bug 1070762 The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file. CVE-2017-17555 SUSE Package Hub 12 SP2:ffmpeg-3.4.2-14.1 SUSE Package Hub 12 SP2:libavcodec-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavcodec57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavdevice-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavdevice57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavfilter-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavfilter6-3.4.2-14.1 SUSE Package Hub 12 SP2:libavformat-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavformat57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavresample-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavresample3-3.4.2-14.1 SUSE Package Hub 12 SP2:libavutil-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavutil55-3.4.2-14.1 SUSE Package Hub 12 SP2:libpostproc-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libpostproc54-3.4.2-14.1 SUSE Package Hub 12 SP2:libswresample-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libswresample2-3.4.2-14.1 SUSE Package Hub 12 SP2:libswscale-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libswscale4-3.4.2-14.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-17555.html CVE-2017-17555 https://bugzilla.suse.com/1072366 SUSE Bug 1072366 The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-of-array access) via a crafted MP4 file. CVE-2018-6392 SUSE Package Hub 12 SP2:ffmpeg-3.4.2-14.1 SUSE Package Hub 12 SP2:libavcodec-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavcodec57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavdevice-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavdevice57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavfilter-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavfilter6-3.4.2-14.1 SUSE Package Hub 12 SP2:libavformat-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavformat57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavresample-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavresample3-3.4.2-14.1 SUSE Package Hub 12 SP2:libavutil-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavutil55-3.4.2-14.1 SUSE Package Hub 12 SP2:libpostproc-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libpostproc54-3.4.2-14.1 SUSE Package Hub 12 SP2:libswresample-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libswresample2-3.4.2-14.1 SUSE Package Hub 12 SP2:libswscale-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libswscale4-3.4.2-14.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6392.html CVE-2018-6392 https://bugzilla.suse.com/1078488 SUSE Bug 1078488 The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file. CVE-2018-6621 SUSE Package Hub 12 SP2:ffmpeg-3.4.2-14.1 SUSE Package Hub 12 SP2:libavcodec-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavcodec57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavdevice-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavdevice57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavfilter-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavfilter6-3.4.2-14.1 SUSE Package Hub 12 SP2:libavformat-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavformat57-3.4.2-14.1 SUSE Package Hub 12 SP2:libavresample-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavresample3-3.4.2-14.1 SUSE Package Hub 12 SP2:libavutil-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libavutil55-3.4.2-14.1 SUSE Package Hub 12 SP2:libpostproc-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libpostproc54-3.4.2-14.1 SUSE Package Hub 12 SP2:libswresample-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libswresample2-3.4.2-14.1 SUSE Package Hub 12 SP2:libswscale-devel-3.4.2-14.1 SUSE Package Hub 12 SP2:libswscale4-3.4.2-14.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6621.html CVE-2018-6621 https://bugzilla.suse.com/1079368 SUSE Bug 1079368