*** This bug is a security vulnerability ***
Public security bug reported:
FFmpeg 2.8.11 fixing a number of crashes and other potentially security
relevant issues was released.
This includes fixes for CVE-2016-9561, CVE-2017-5024 and CVE-2017-5025.
>From the upstream Changelog:
version 2.8.11
- avcodec/h264_slice: Clear ref_counts on redundant slices
- lavf/mov.c: Avoid heap allocation wrap in mov_read_uuid
- lavf/mov.c: Avoid heap allocation wrap in mov_read_hdlr
- avcodec/pictordec: Fix logic error
- avcodec/movtextdec: Fix decode_styl() cleanup
- lavf/matroskadec: fix is_keyframe for early Blocks
- configure: bump year
- avcodec/pngdec: Check trns more completely
- avcodec/interplayvideo: Move parameter change check up
- avcodec/mjpegdec: Check for for the bitstream end in
mjpeg_decode_scan_progressive_ac()
- avformat/flacdec: Check avio_read result when reading flac block header.
- avcodec/utils: correct align value for interplay
- avcodec/vp56: Check for the bitstream end, pass error codes on
- avcodec/mjpegdec: Check remaining bitstream in ljpeg_decode_yuv_scan()
- avcodec/pngdec: Fix off by 1 size in decode_zbuf()
- avformat/avidec: skip odml master index chunks in avi_sync
- avcodec/mjpegdec: Check for rgb before flipping
- avutil/random_seed: Reduce the time needed on systems with very low precision
clock()
- avutil/random_seed: Improve get_generic_seed() with higher precision clock()
- avformat/utils: Print verbose error message if stream count exceeds
max_streams
- avformat/options_table: Set the default maximum number of streams to 1000
- avutil: Add av_image_check_size2()
- avformat: Add max_streams option
- avcodec/ffv1enc: Allocate smaller packet if the worst case size cannot be
allocated
- avcodec/mpeg4videodec: Fix undefined shifts in
mpeg4_decode_sprite_trajectory()
- avformat/oggdec: Skip streams in duration correction that did not had their
duration set.
- avcodec/ffv1enc: Fix size of first slice
- pgssubdec: reset rle_data_len/rle_remaining_len on allocation error
** Affects: ffmpeg (Ubuntu)
Importance: Undecided
Status: New
** Information type changed from Private Security to Public Security
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-9561
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5024
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5025
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1664403
Title:
FFmpeg security fixes February 2017 (xenial)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1664403/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
