ALT-BU-2017-3269-1
Branch sisyphus update bulletin.
Closed vulnerabilities
BDU:2017-01796
Уязвимость функции dnxhd_decode_header в libavcodec/dnxhddec.c мультимедийной библиотеки FFmpeg, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
BDU:2017-01797
Уязвимость функции ff_amf_get_field_value в libavformat/rtmppkt.c мультимедийной библиотеки FFmpeg, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2017-11399
Integer overflow in the ape_decode_frame function in libavcodec/apedec.c in FFmpeg 2.4 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access and application crash) or possibly have unspecified other impact via a crafted APE file.
- DSA-3957
- DSA-3957
- 100019
- 100019
- https://github.com/FFmpeg/FFmpeg/commit/96349da5ec8eda9f0368446e557fe0c8ba0e66b7
- https://github.com/FFmpeg/FFmpeg/commit/96349da5ec8eda9f0368446e557fe0c8ba0e66b7
- https://github.com/FFmpeg/FFmpeg/commit/ba4beaf6149f7241c8bd85fe853318c2f6837ad0
- https://github.com/FFmpeg/FFmpeg/commit/ba4beaf6149f7241c8bd85fe853318c2f6837ad0
Modified: 2024-11-21
CVE-2017-11665
The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segmentation Violation and application crash) via a crafted stream.
Modified: 2024-11-21
CVE-2017-11719
The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file.
- DSA-3957
- DSA-3957
- 100020
- 100020
- https://github.com/FFmpeg/FFmpeg/commit/296debd213bd6dce7647cedd34eb64e5b94cdc92
- https://github.com/FFmpeg/FFmpeg/commit/296debd213bd6dce7647cedd34eb64e5b94cdc92
- https://github.com/FFmpeg/FFmpeg/commit/f31fc4755f69ab26bf6e8be47875b7dcede8e29e
- https://github.com/FFmpeg/FFmpeg/commit/f31fc4755f69ab26bf6e8be47875b7dcede8e29e
Modified: 2024-11-21
CVE-2017-9608
The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted mov file.
- [oss-security] 20170814 [CVE-2017-9608] null-point-exception happened when ffmpeg using dnxhd decoder to parsing a crafted mv file.
- [oss-security] 20170814 [CVE-2017-9608] null-point-exception happened when ffmpeg using dnxhd decoder to parsing a crafted mv file.
- [oss-security] 20170815 Re: [CVE-2017-9608] null-point-exception happened when ffmpeg using dnxhd decoder to parsing a crafted mv file.
- [oss-security] 20170815 Re: [CVE-2017-9608] null-point-exception happened when ffmpeg using dnxhd decoder to parsing a crafted mv file.
- 100348
- 100348
- https://github.com/FFmpeg/FFmpeg/commit/0a709e2a10b8288a0cc383547924ecfe285cef89
- https://github.com/FFmpeg/FFmpeg/commit/0a709e2a10b8288a0cc383547924ecfe285cef89
- https://github.com/FFmpeg/FFmpeg/commit/31c1c0b46a7021802c3d1d18039fca30dba5a14e
- https://github.com/FFmpeg/FFmpeg/commit/31c1c0b46a7021802c3d1d18039fca30dba5a14e
- https://github.com/FFmpeg/FFmpeg/commit/611b35627488a8d0763e75c25ee0875c5b7987dd
- https://github.com/FFmpeg/FFmpeg/commit/611b35627488a8d0763e75c25ee0875c5b7987dd
- DSA-3957
- DSA-3957
Closed bugs
при сбитом времени после установки падает marco, нет пиктограмм
Closed bugs
[FR] moreutils-0.61+