Security update for ffmpeg
Announcement ID: | SUSE-SU-2019:1299-2 |
---|---|
Rating: | low |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves two vulnerabilities can now be installed.
Description:
This update for ffmpeg fixes the following issues:
Security issue fixed:
- CVE-2018-14395: Fixed a divide-by-zero error in libavformat/movenc.c that allowed attackers to cause a DoS (bsc#1101889)
- CVE-2018-14394: Fixed a divide-by-zero error in libavformat/movenc.c that allowed attackers to cause a DoS (bsc#1101888).
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
Desktop Applications Module 15-SP1
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP1-2019-1299=1
-
SUSE Linux Enterprise Workstation Extension 15 SP1
zypper in -t patch SUSE-SLE-Product-WE-15-SP1-2019-1299=1
Package List:
-
Desktop Applications Module 15-SP1 (aarch64 ppc64le s390x x86_64)
- libpostproc54-3.4.2-4.17.26
- libavcodec57-3.4.2-4.17.26
- libswresample-devel-3.4.2-4.17.26
- libswresample2-debuginfo-3.4.2-4.17.26
- libswscale4-3.4.2-4.17.26
- libpostproc54-debuginfo-3.4.2-4.17.26
- libavutil55-debuginfo-3.4.2-4.17.26
- libavcodec57-debuginfo-3.4.2-4.17.26
- libavutil55-3.4.2-4.17.26
- libswscale4-debuginfo-3.4.2-4.17.26
- libavutil-devel-3.4.2-4.17.26
- libpostproc-devel-3.4.2-4.17.26
- ffmpeg-debuginfo-3.4.2-4.17.26
- ffmpeg-debugsource-3.4.2-4.17.26
- libswresample2-3.4.2-4.17.26
- libswscale-devel-3.4.2-4.17.26
-
SUSE Linux Enterprise Workstation Extension 15 SP1 (x86_64)
- libavresample3-3.4.2-4.17.26
- libavresample3-debuginfo-3.4.2-4.17.26
- libavformat-devel-3.4.2-4.17.26
- libavformat57-debuginfo-3.4.2-4.17.26
- libavformat57-3.4.2-4.17.26
- libavcodec-devel-3.4.2-4.17.26
- ffmpeg-debuginfo-3.4.2-4.17.26
- ffmpeg-debugsource-3.4.2-4.17.26
- libavresample-devel-3.4.2-4.17.26