SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-2019-1299

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-2019-1299

Security update for ffmpeg

Type: security

Severity: low

Issued: 2019-05-21

Description:

This update for ffmpeg fixes the following issues:

Security issue fixed:

- CVE-2018-14395: Fixed a divide-by-zero error in libavformat/movenc.c that allowed attackers to cause a DoS (bsc#1101889)
- CVE-2018-14394: Fixed a divide-by-zero error in libavformat/movenc.c that allowed attackers to cause a DoS (bsc#1101888).

References

CVE: CVE-2018-14395
CVE: CVE-2018-14394
Bugzilla: 1101889 VUL-1: CVE-2018-14395: ffmpeg: libavformat/movenc.c allows attackers to cause a denial of service (application crash caused by a divide-by-zero error)
Bugzilla: 1101888 VUL-1: CVE-2018-14394: ffmpeg: libavformat/movenc.c allows attackers to cause a denialof service (application crash caused by a divide-by-zero error)

Packages

ffmpeg-3.4.2-4.17.26