openSUSE Security Update : ffmpeg (openSUSE-2015-821)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The ffmpeg package was updated to version 2.8.2 to fix the following
security and non security issues :

- CVE-2015-8216: Fixed the ljpeg_decode_yuv_scan function
in libavcodec/mjpegdec.c which could cause a denial of
service (out-of-bounds array access) (bnc#955346).

- CVE-2015-8217: Fixed the ff_hevc_parse_sps function in
libavcodec/hevc_ps.c which could cause a denial of
service (out-of-bounds array access) (bnc#955347).

- CVE-2015-8218: Fixed the decode_uncompressed function in
libavcodec/faxcompr.c which could cause a denial of
service (out-of-bounds array access) (bnc#955348).

- CVE-2015-8219: Fixed the init_tile function in
libavcodec/jpeg2000dec.c which could cause a denial of
service (out-of-bounds array access) (bnc#955350).

- Update to new upstream release 2.8.2

- various fixes in the aac_fixed decoder

- various fixes in softfloat

- swresample/resample: increase precision for compensation

- lavf/mov: add support for sidx fragment indexes

- avformat/mxfenc: Only store user comment related tags
when needed

- ffmpeg: Don't try and write sdp info if none of the
outputs had an rtp format.

- apng: use correct size for output buffer

- jvdec: avoid unsigned overflow in comparison

- avcodec/jpeg2000dec: Clip all tile coordinates

- avcodec/microdvddec: Check for string end in 'P' case

- avcodec/dirac_parser: Fix undefined memcpy() use

- avformat/xmv: Discard remainder of packet on error

- avformat/xmv: factor return check out of if/else

- avcodec/mpeg12dec: Do not call show_bits() with invalid
bits

- avcodec/faxcompr: Add missing runs check in
decode_uncompressed()

- libavutil/channel_layout: Check strtol*() for failure

- avformat/mpegts: Only start probing data streams within
probe_packets

- avcodec/hevc_ps: Check chroma_format_idc

- avcodec/ffv1dec: Check for 0 quant tables

- avcodec/mjpegdec: Reinitialize IDCT on BPP changes

- avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan()
before using it

- avcodec/h264_slice: Disable slice threads if there are
multiple access units in a packet

- avformat/hls: update cookies on setcookie response

- opusdec: Don't run vector_fmul_scalar on zero length
arrays

- avcodec/opusdec: Fix extra samples read index

- avcodec/ffv1: Initialize vlc_state on allocation

- avcodec/ffv1dec: update progress in case of broken
pointer chains

- avcodec/ffv1dec: Clear slice coordinates if they are
invalid or slice header decoding fails for other reasons

- rtsp: Allow $ as interleaved packet indicator before a
complete response header

- videodsp: don't overread edges in vfix3 emu_edge.

- avformat/mp3dec: improve junk skipping heuristic

- concatdec: fix file_start_time calculation regression

- avcodec: loongson optimize h264dsp idct and loop filter
with mmi

- avcodec/jpeg2000dec: Clear properties in
jpeg2000_dec_cleanup() too

- avformat/hls: add support for EXT-X-MAP

- avformat/hls: fix segment selection regression on track
changes of live streams

- configure: Require libkvazaar < 0.7.

- avcodec/vp8: Do not use num_coeff_partitions in
thread/buffer setup

- Drop ffmpeg-mov-sidx-fragment.patch, fixed upstream.

- Update to new upstream release 2.8.1

- Minor bugfix release

- Includes all changes from. Ffmpeg-mt, libav master of
2015-08-28, libav 11 as of 2015-08-28

- Add ffmpeg-mov-sidx-fragment.patch to add sidx fragment
indexes. Needed for new mpv release.

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=955346
https://bugzilla.opensuse.org/show_bug.cgi?id=955347
https://bugzilla.opensuse.org/show_bug.cgi?id=955348
https://bugzilla.opensuse.org/show_bug.cgi?id=955350

Solution :

Update the affected ffmpeg packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 87085 ()

Bugtraq ID:

CVE ID: CVE-2015-8216
CVE-2015-8217
CVE-2015-8218
CVE-2015-8219

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now