*** This bug is a security vulnerability *** Public security bug reported:
FFmpeg 3.0.7 fixing a number of crashes and other potentially security relevant issues was released. This includes fixes for CVE-2016-9561 (3.0.6) and CVE-2017-5024/CVE-2017-5025 (3.0.7). >From the upstream Changelog: version 3.0.7 - avcodec/h264_slice: Clear ref_counts on redundant slices - lavf/mov.c: Avoid heap allocation wrap in mov_read_uuid - lavf/mov.c: Avoid heap allocation wrap in mov_read_hdlr - avcodec/pictordec: Fix logic error - avcodec/movtextdec: Fix decode_styl() cleanup - lavf/matroskadec: fix is_keyframe for early Blocks version 3.0.6: - avcodec/pngdec: Check trns more completely - avcodec/interplayvideo: Move parameter change check up - avcodec/mjpegdec: Check for for the bitstream end in mjpeg_decode_scan_progressive_ac() - avformat/flacdec: Check avio_read result when reading flac block header. - avcodec/utils: correct align value for interplay - avcodec/vp56: Check for the bitstream end, pass error codes on - avcodec/mjpegdec: Check remaining bitstream in ljpeg_decode_yuv_scan() - avcodec/pngdec: Fix off by 1 size in decode_zbuf() - avformat/avidec: skip odml master index chunks in avi_sync - avcodec/mjpegdec: Check for rgb before flipping - avutil/random_seed: Reduce the time needed on systems with very low precision clock() - avutil/random_seed: Improve get_generic_seed() with higher precision clock() - avformat/utils: Print verbose error message if stream count exceeds max_streams - avformat/options_table: Set the default maximum number of streams to 1000 - pgssubdec: reset rle_data_len/rle_remaining_len on allocation error - avutil: Add av_image_check_size2() - avformat: Add max_streams option - avcodec/ffv1enc: Allocate smaller packet if the worst case size cannot be allocated - avcodec/mpeg4videodec: Fix undefined shifts in mpeg4_decode_sprite_trajectory() - avformat/oggdec: Skip streams in duration correction that did not had their duration set. - avcodec/ffv1enc: Fix size of first slice ** Affects: ffmpeg (Ubuntu) Importance: Undecided Status: New ** Information type changed from Private Security to Public Security ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-9561 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-5024 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-5025 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1664402 Title: FFmpeg security fixes February 2017 (yakkety) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1664402/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs