This update for ffmpeg2 fixes security issues, bugs, and enables AC3 and MP3 decoding.
The following vulnerabilities were fixed:
- CVE-2017-7863: heap-based buffer overflow (bsc#1034179)
- CVE-2017-7865: heap-based buffer overflow (bsc#1034177)
- CVE-2017-7866: stack-based buffer overflow (bsc#1034176)
- CVE-2016-10191: remote code execution (bsc#1022921)
- CVE-2016-10190: remote code execution (bsc#1022920)
- CVE-2016-10192: remote code execution (bsc#1022922)
- CVE-2016-9561: Huge amount memory allocated, resulting in DoS of ffmpeg (bsc#1015120)
The following functionality was added:
- Enable AC3 and MP3 decoding
ffmpeg was updated to 2.8.11, containing a number of upstream improvements and fixes.
-
Submitted by
Jan Engelhardt (jengelh)