SUSE: 2019:1299-2 ffmpeg
Summary
This update for ffmpeg fixes the following issues: Security issue fixed: - CVE-2018-14395: Fixed a divide-by-zero error in libavformat/movenc.c that allowed attackers to cause a DoS (bsc#1101889) - CVE-2018-14394: Fixed a divide-by-zero error in libavformat/movenc.c that allowed attackers to cause a DoS (bsc#1101888). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 15-SP1: zypper in -t patch SUSE-SLE-Product-WE-15-SP1-2019-1299=1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-1299=1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP1: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP1-2019-1299=1 Package List: - SUSE Linux Enterprise Workstation Extension 15-SP1 (x86_64): ffmpeg-debuginfo-3.4.2-4.17.26 ffmpeg-debugsource-3.4.2-4.17.26 libavcodec-devel-3.4.2-4.17.26 libavformat-devel-3.4.2-4.17.26 libavformat57-3.4.2-4.17.26 libavformat57-debuginfo-3.4.2-4.17.26 libavresample-devel-3.4.2-4.17.26 libavresample3-3.4.2-4.17.26 libavresample3-debuginfo-3.4.2-4.17.26 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (aarch64 ppc64le s390x x86_64): ffmpeg-3.4.2-4.17.26 ffmpeg-debuginfo-3.4.2-4.17.26 ffmpeg-debugsource-3.4.2-4.17.26 ffmpeg-private-devel-3.4.2-4.17.26 libavdevice-devel-3.4.2-4.17.26 libavdevice57-3.4.2-4.17.26 libavdevice57-debuginfo-3.4.2-4.17.26 libavfilter-devel-3.4.2-4.17.26 libavfilter6-3.4.2-4.17.26 libavfilter6-debuginfo-3.4.2-4.17.26 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (x86_64): libavcodec57-32bit-3.4.2-4.17.26 libavcodec57-32bit-debuginfo-3.4.2-4.17.26 libavdevice57-32bit-3.4.2-4.17.26 libavdevice57-32bit-debuginfo-3.4.2-4.17.26 libavfilter6-32bit-3.4.2-4.17.26 libavfilter6-32bit-debuginfo-3.4.2-4.17.26 libavformat57-32bit-3.4.2-4.17.26 libavformat57-32bit-debuginfo-3.4.2-4.17.26 libavresample3-32bit-3.4.2-4.17.26 libavresample3-32bit-debuginfo-3.4.2-4.17.26 libavutil55-32bit-3.4.2-4.17.26 libavutil55-32bit-debuginfo-3.4.2-4.17.26 libpostproc54-32bit-3.4.2-4.17.26 libpostproc54-32bit-debuginfo-3.4.2-4.17.26 libswresample2-32bit-3.4.2-4.17.26 libswresample2-32bit-debuginfo-3.4.2-4.17.26 libswscale4-32bit-3.4.2-4.17.26 libswscale4-32bit-debuginfo-3.4.2-4.17.26 - SUSE Linux Enterprise Module for Desktop Applications 15-SP1 (aarch64 ppc64le s390x x86_64): ffmpeg-debuginfo-3.4.2-4.17.26 ffmpeg-debugsource-3.4.2-4.17.26 libavcodec57-3.4.2-4.17.26 libavcodec57-debuginfo-3.4.2-4.17.26 libavutil-devel-3.4.2-4.17.26 libavutil55-3.4.2-4.17.26 libavutil55-debuginfo-3.4.2-4.17.26 libpostproc-devel-3.4.2-4.17.26 libpostproc54-3.4.2-4.17.26 libpostproc54-debuginfo-3.4.2-4.17.26 libswresample-devel-3.4.2-4.17.26 libswresample2-3.4.2-4.17.26 libswresample2-debuginfo-3.4.2-4.17.26 libswscale-devel-3.4.2-4.17.26 libswscale4-3.4.2-4.17.26 libswscale4-debuginfo-3.4.2-4.17.26
References
#1101888 #1101889
Cross- CVE-2018-14394 CVE-2018-14395
Affected Products:
SUSE Linux Enterprise Workstation Extension 15-SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
SUSE Linux Enterprise Module for Desktop Applications 15-SP1
https://www.suse.com/security/cve/CVE-2018-14394.html
https://www.suse.com/security/cve/CVE-2018-14395.html
https://bugzilla.suse.com/1101888
https://bugzilla.suse.com/1101889