ffmpeg-3.2.2-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10243-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z ffmpeg-3.2.2-1.1 on GA media These are all security issues fixed in the ffmpeg-3.2.2-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10243 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2015-8216/ SUSE CVE CVE-2015-8216 page https://www.suse.com/security/cve/CVE-2015-8217/ SUSE CVE CVE-2015-8217 page https://www.suse.com/security/cve/CVE-2015-8218/ SUSE CVE CVE-2015-8218 page https://www.suse.com/security/cve/CVE-2015-8219/ SUSE CVE CVE-2015-8219 page https://www.suse.com/security/cve/CVE-2015-8363/ SUSE CVE CVE-2015-8363 page https://www.suse.com/security/cve/CVE-2015-8364/ SUSE CVE CVE-2015-8364 page https://www.suse.com/security/cve/CVE-2015-8365/ SUSE CVE CVE-2015-8365 page https://www.suse.com/security/cve/CVE-2015-8661/ SUSE CVE CVE-2015-8661 page https://www.suse.com/security/cve/CVE-2015-8662/ SUSE CVE CVE-2015-8662 page https://www.suse.com/security/cve/CVE-2015-8663/ SUSE CVE CVE-2015-8663 page https://www.suse.com/security/cve/CVE-2016-1897/ SUSE CVE CVE-2016-1897 page https://www.suse.com/security/cve/CVE-2016-1898/ SUSE CVE CVE-2016-1898 page openSUSE Tumbleweed ffmpeg-3.2.2-1.1 ffmpeg2-devel-2.8.8-3.1 libavcodec-devel-3.2.2-1.1 libavcodec56-2.8.8-3.1 libavcodec56-32bit-2.8.8-3.1 libavcodec57-3.2.2-1.1 libavcodec57-32bit-3.2.2-1.1 libavdevice-devel-3.2.2-1.1 libavdevice56-2.8.8-3.1 libavdevice56-32bit-2.8.8-3.1 libavdevice57-3.2.2-1.1 libavdevice57-32bit-3.2.2-1.1 libavfilter-devel-3.2.2-1.1 libavfilter5-2.8.8-3.1 libavfilter5-32bit-2.8.8-3.1 libavfilter6-3.2.2-1.1 libavfilter6-32bit-3.2.2-1.1 libavformat-devel-3.2.2-1.1 libavformat56-2.8.8-3.1 libavformat56-32bit-2.8.8-3.1 libavformat57-3.2.2-1.1 libavformat57-32bit-3.2.2-1.1 libavresample-devel-3.2.2-1.1 libavresample2-2.8.8-3.1 libavresample2-32bit-2.8.8-3.1 libavresample3-3.2.2-1.1 libavresample3-32bit-3.2.2-1.1 libavutil-devel-3.2.2-1.1 libavutil54-2.8.8-3.1 libavutil54-32bit-2.8.8-3.1 libavutil55-3.2.2-1.1 libavutil55-32bit-3.2.2-1.1 libpostproc-devel-3.2.2-1.1 libpostproc53-2.8.8-3.1 libpostproc53-32bit-2.8.8-3.1 libpostproc54-3.2.2-1.1 libpostproc54-32bit-3.2.2-1.1 libswresample-devel-3.2.2-1.1 libswresample1-2.8.8-3.1 libswresample1-32bit-2.8.8-3.1 libswresample2-3.2.2-1.1 libswresample2-32bit-3.2.2-1.1 libswscale-devel-3.2.2-1.1 libswscale3-2.8.8-3.1 libswscale3-32bit-2.8.8-3.1 libswscale4-3.2.2-1.1 libswscale4-32bit-3.2.2-1.1 ffmpeg-3.2.2-1.1 as a component of openSUSE Tumbleweed ffmpeg2-devel-2.8.8-3.1 as a component of openSUSE Tumbleweed libavcodec-devel-3.2.2-1.1 as a component of openSUSE Tumbleweed libavcodec56-2.8.8-3.1 as a component of openSUSE Tumbleweed libavcodec56-32bit-2.8.8-3.1 as a component of openSUSE Tumbleweed libavcodec57-3.2.2-1.1 as a component of openSUSE Tumbleweed libavcodec57-32bit-3.2.2-1.1 as a component of openSUSE Tumbleweed libavdevice-devel-3.2.2-1.1 as a component of openSUSE Tumbleweed libavdevice56-2.8.8-3.1 as a component of openSUSE Tumbleweed libavdevice56-32bit-2.8.8-3.1 as a component of openSUSE Tumbleweed libavdevice57-3.2.2-1.1 as a component of openSUSE Tumbleweed libavdevice57-32bit-3.2.2-1.1 as a component of openSUSE Tumbleweed libavfilter-devel-3.2.2-1.1 as a component of openSUSE Tumbleweed libavfilter5-2.8.8-3.1 as a component of openSUSE Tumbleweed libavfilter5-32bit-2.8.8-3.1 as a component of openSUSE Tumbleweed libavfilter6-3.2.2-1.1 as a component of openSUSE Tumbleweed libavfilter6-32bit-3.2.2-1.1 as a component of openSUSE Tumbleweed libavformat-devel-3.2.2-1.1 as a component of openSUSE Tumbleweed libavformat56-2.8.8-3.1 as a component of openSUSE Tumbleweed libavformat56-32bit-2.8.8-3.1 as a component of openSUSE Tumbleweed libavformat57-3.2.2-1.1 as a component of openSUSE Tumbleweed libavformat57-32bit-3.2.2-1.1 as a component of openSUSE Tumbleweed libavresample-devel-3.2.2-1.1 as a component of openSUSE Tumbleweed libavresample2-2.8.8-3.1 as a component of openSUSE Tumbleweed libavresample2-32bit-2.8.8-3.1 as a component of openSUSE Tumbleweed libavresample3-3.2.2-1.1 as a component of openSUSE Tumbleweed libavresample3-32bit-3.2.2-1.1 as a component of openSUSE Tumbleweed libavutil-devel-3.2.2-1.1 as a component of openSUSE Tumbleweed libavutil54-2.8.8-3.1 as a component of openSUSE Tumbleweed libavutil54-32bit-2.8.8-3.1 as a component of openSUSE Tumbleweed libavutil55-3.2.2-1.1 as a component of openSUSE Tumbleweed libavutil55-32bit-3.2.2-1.1 as a component of openSUSE Tumbleweed libpostproc-devel-3.2.2-1.1 as a component of openSUSE Tumbleweed libpostproc53-2.8.8-3.1 as a component of openSUSE Tumbleweed libpostproc53-32bit-2.8.8-3.1 as a component of openSUSE Tumbleweed libpostproc54-3.2.2-1.1 as a component of openSUSE Tumbleweed libpostproc54-32bit-3.2.2-1.1 as a component of openSUSE Tumbleweed libswresample-devel-3.2.2-1.1 as a component of openSUSE Tumbleweed libswresample1-2.8.8-3.1 as a component of openSUSE Tumbleweed libswresample1-32bit-2.8.8-3.1 as a component of openSUSE Tumbleweed libswresample2-3.2.2-1.1 as a component of openSUSE Tumbleweed libswresample2-32bit-3.2.2-1.1 as a component of openSUSE Tumbleweed libswscale-devel-3.2.2-1.1 as a component of openSUSE Tumbleweed libswscale3-2.8.8-3.1 as a component of openSUSE Tumbleweed libswscale3-32bit-2.8.8-3.1 as a component of openSUSE Tumbleweed libswscale4-3.2.2-1.1 as a component of openSUSE Tumbleweed libswscale4-32bit-3.2.2-1.1 as a component of openSUSE Tumbleweed The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data. CVE-2015-8216 openSUSE Tumbleweed:ffmpeg-3.2.2-1.1 openSUSE Tumbleweed:ffmpeg2-devel-2.8.8-3.1 openSUSE Tumbleweed:libavcodec-devel-3.2.2-1.1 openSUSE Tumbleweed:libavcodec56-2.8.8-3.1 openSUSE Tumbleweed:libavcodec56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavcodec57-3.2.2-1.1 openSUSE Tumbleweed:libavcodec57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavdevice-devel-3.2.2-1.1 openSUSE Tumbleweed:libavdevice56-2.8.8-3.1 openSUSE Tumbleweed:libavdevice56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavdevice57-3.2.2-1.1 openSUSE Tumbleweed:libavdevice57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavfilter-devel-3.2.2-1.1 openSUSE Tumbleweed:libavfilter5-2.8.8-3.1 openSUSE Tumbleweed:libavfilter5-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavfilter6-3.2.2-1.1 openSUSE Tumbleweed:libavfilter6-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavformat-devel-3.2.2-1.1 openSUSE Tumbleweed:libavformat56-2.8.8-3.1 openSUSE Tumbleweed:libavformat56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavformat57-3.2.2-1.1 openSUSE Tumbleweed:libavformat57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libavresample2-2.8.8-3.1 openSUSE Tumbleweed:libavresample2-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavresample3-3.2.2-1.1 openSUSE Tumbleweed:libavresample3-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavutil-devel-3.2.2-1.1 openSUSE Tumbleweed:libavutil54-2.8.8-3.1 openSUSE Tumbleweed:libavutil54-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavutil55-3.2.2-1.1 openSUSE Tumbleweed:libavutil55-32bit-3.2.2-1.1 openSUSE Tumbleweed:libpostproc-devel-3.2.2-1.1 openSUSE Tumbleweed:libpostproc53-2.8.8-3.1 openSUSE Tumbleweed:libpostproc53-32bit-2.8.8-3.1 openSUSE Tumbleweed:libpostproc54-3.2.2-1.1 openSUSE Tumbleweed:libpostproc54-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libswresample1-2.8.8-3.1 openSUSE Tumbleweed:libswresample1-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswresample2-3.2.2-1.1 openSUSE Tumbleweed:libswresample2-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswscale-devel-3.2.2-1.1 openSUSE Tumbleweed:libswscale3-2.8.8-3.1 openSUSE Tumbleweed:libswscale3-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswscale4-3.2.2-1.1 openSUSE Tumbleweed:libswscale4-32bit-3.2.2-1.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8216.html CVE-2015-8216 https://bugzilla.suse.com/955346 SUSE Bug 955346 The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted High Efficiency Video Coding (HEVC) data. CVE-2015-8217 openSUSE Tumbleweed:ffmpeg-3.2.2-1.1 openSUSE Tumbleweed:ffmpeg2-devel-2.8.8-3.1 openSUSE Tumbleweed:libavcodec-devel-3.2.2-1.1 openSUSE Tumbleweed:libavcodec56-2.8.8-3.1 openSUSE Tumbleweed:libavcodec56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavcodec57-3.2.2-1.1 openSUSE Tumbleweed:libavcodec57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavdevice-devel-3.2.2-1.1 openSUSE Tumbleweed:libavdevice56-2.8.8-3.1 openSUSE Tumbleweed:libavdevice56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavdevice57-3.2.2-1.1 openSUSE Tumbleweed:libavdevice57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavfilter-devel-3.2.2-1.1 openSUSE Tumbleweed:libavfilter5-2.8.8-3.1 openSUSE Tumbleweed:libavfilter5-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavfilter6-3.2.2-1.1 openSUSE Tumbleweed:libavfilter6-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavformat-devel-3.2.2-1.1 openSUSE Tumbleweed:libavformat56-2.8.8-3.1 openSUSE Tumbleweed:libavformat56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavformat57-3.2.2-1.1 openSUSE Tumbleweed:libavformat57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libavresample2-2.8.8-3.1 openSUSE Tumbleweed:libavresample2-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavresample3-3.2.2-1.1 openSUSE Tumbleweed:libavresample3-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavutil-devel-3.2.2-1.1 openSUSE Tumbleweed:libavutil54-2.8.8-3.1 openSUSE Tumbleweed:libavutil54-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavutil55-3.2.2-1.1 openSUSE Tumbleweed:libavutil55-32bit-3.2.2-1.1 openSUSE Tumbleweed:libpostproc-devel-3.2.2-1.1 openSUSE Tumbleweed:libpostproc53-2.8.8-3.1 openSUSE Tumbleweed:libpostproc53-32bit-2.8.8-3.1 openSUSE Tumbleweed:libpostproc54-3.2.2-1.1 openSUSE Tumbleweed:libpostproc54-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libswresample1-2.8.8-3.1 openSUSE Tumbleweed:libswresample1-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswresample2-3.2.2-1.1 openSUSE Tumbleweed:libswresample2-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswscale-devel-3.2.2-1.1 openSUSE Tumbleweed:libswscale3-2.8.8-3.1 openSUSE Tumbleweed:libswscale3-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswscale4-3.2.2-1.1 openSUSE Tumbleweed:libswscale4-32bit-3.2.2-1.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8217.html CVE-2015-8217 https://bugzilla.suse.com/955347 SUSE Bug 955347 The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data. CVE-2015-8218 openSUSE Tumbleweed:ffmpeg-3.2.2-1.1 openSUSE Tumbleweed:ffmpeg2-devel-2.8.8-3.1 openSUSE Tumbleweed:libavcodec-devel-3.2.2-1.1 openSUSE Tumbleweed:libavcodec56-2.8.8-3.1 openSUSE Tumbleweed:libavcodec56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavcodec57-3.2.2-1.1 openSUSE Tumbleweed:libavcodec57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavdevice-devel-3.2.2-1.1 openSUSE Tumbleweed:libavdevice56-2.8.8-3.1 openSUSE Tumbleweed:libavdevice56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavdevice57-3.2.2-1.1 openSUSE Tumbleweed:libavdevice57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavfilter-devel-3.2.2-1.1 openSUSE Tumbleweed:libavfilter5-2.8.8-3.1 openSUSE Tumbleweed:libavfilter5-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavfilter6-3.2.2-1.1 openSUSE Tumbleweed:libavfilter6-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavformat-devel-3.2.2-1.1 openSUSE Tumbleweed:libavformat56-2.8.8-3.1 openSUSE Tumbleweed:libavformat56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavformat57-3.2.2-1.1 openSUSE Tumbleweed:libavformat57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libavresample2-2.8.8-3.1 openSUSE Tumbleweed:libavresample2-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavresample3-3.2.2-1.1 openSUSE Tumbleweed:libavresample3-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavutil-devel-3.2.2-1.1 openSUSE Tumbleweed:libavutil54-2.8.8-3.1 openSUSE Tumbleweed:libavutil54-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavutil55-3.2.2-1.1 openSUSE Tumbleweed:libavutil55-32bit-3.2.2-1.1 openSUSE Tumbleweed:libpostproc-devel-3.2.2-1.1 openSUSE Tumbleweed:libpostproc53-2.8.8-3.1 openSUSE Tumbleweed:libpostproc53-32bit-2.8.8-3.1 openSUSE Tumbleweed:libpostproc54-3.2.2-1.1 openSUSE Tumbleweed:libpostproc54-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libswresample1-2.8.8-3.1 openSUSE Tumbleweed:libswresample1-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswresample2-3.2.2-1.1 openSUSE Tumbleweed:libswresample2-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswscale-devel-3.2.2-1.1 openSUSE Tumbleweed:libswscale3-2.8.8-3.1 openSUSE Tumbleweed:libswscale3-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswscale4-3.2.2-1.1 openSUSE Tumbleweed:libswscale4-32bit-3.2.2-1.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8218.html CVE-2015-8218 https://bugzilla.suse.com/955348 SUSE Bug 955348 The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data. CVE-2015-8219 openSUSE Tumbleweed:ffmpeg-3.2.2-1.1 openSUSE Tumbleweed:ffmpeg2-devel-2.8.8-3.1 openSUSE Tumbleweed:libavcodec-devel-3.2.2-1.1 openSUSE Tumbleweed:libavcodec56-2.8.8-3.1 openSUSE Tumbleweed:libavcodec56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavcodec57-3.2.2-1.1 openSUSE Tumbleweed:libavcodec57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavdevice-devel-3.2.2-1.1 openSUSE Tumbleweed:libavdevice56-2.8.8-3.1 openSUSE Tumbleweed:libavdevice56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavdevice57-3.2.2-1.1 openSUSE Tumbleweed:libavdevice57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavfilter-devel-3.2.2-1.1 openSUSE Tumbleweed:libavfilter5-2.8.8-3.1 openSUSE Tumbleweed:libavfilter5-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavfilter6-3.2.2-1.1 openSUSE Tumbleweed:libavfilter6-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavformat-devel-3.2.2-1.1 openSUSE Tumbleweed:libavformat56-2.8.8-3.1 openSUSE Tumbleweed:libavformat56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavformat57-3.2.2-1.1 openSUSE Tumbleweed:libavformat57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libavresample2-2.8.8-3.1 openSUSE Tumbleweed:libavresample2-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavresample3-3.2.2-1.1 openSUSE Tumbleweed:libavresample3-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavutil-devel-3.2.2-1.1 openSUSE Tumbleweed:libavutil54-2.8.8-3.1 openSUSE Tumbleweed:libavutil54-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavutil55-3.2.2-1.1 openSUSE Tumbleweed:libavutil55-32bit-3.2.2-1.1 openSUSE Tumbleweed:libpostproc-devel-3.2.2-1.1 openSUSE Tumbleweed:libpostproc53-2.8.8-3.1 openSUSE Tumbleweed:libpostproc53-32bit-2.8.8-3.1 openSUSE Tumbleweed:libpostproc54-3.2.2-1.1 openSUSE Tumbleweed:libpostproc54-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libswresample1-2.8.8-3.1 openSUSE Tumbleweed:libswresample1-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswresample2-3.2.2-1.1 openSUSE Tumbleweed:libswresample2-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswscale-devel-3.2.2-1.1 openSUSE Tumbleweed:libswscale3-2.8.8-3.1 openSUSE Tumbleweed:libswscale3-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswscale4-3.2.2-1.1 openSUSE Tumbleweed:libswscale4-32bit-3.2.2-1.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8219.html CVE-2015-8219 https://bugzilla.suse.com/955350 SUSE Bug 955350 The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not enforce uniqueness of the SIZ marker in a JPEG 2000 image, which allows remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspecified other impact via a crafted image with two or more of these markers. CVE-2015-8363 openSUSE Tumbleweed:ffmpeg-3.2.2-1.1 openSUSE Tumbleweed:ffmpeg2-devel-2.8.8-3.1 openSUSE Tumbleweed:libavcodec-devel-3.2.2-1.1 openSUSE Tumbleweed:libavcodec56-2.8.8-3.1 openSUSE Tumbleweed:libavcodec56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavcodec57-3.2.2-1.1 openSUSE Tumbleweed:libavcodec57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavdevice-devel-3.2.2-1.1 openSUSE Tumbleweed:libavdevice56-2.8.8-3.1 openSUSE Tumbleweed:libavdevice56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavdevice57-3.2.2-1.1 openSUSE Tumbleweed:libavdevice57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavfilter-devel-3.2.2-1.1 openSUSE Tumbleweed:libavfilter5-2.8.8-3.1 openSUSE Tumbleweed:libavfilter5-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavfilter6-3.2.2-1.1 openSUSE Tumbleweed:libavfilter6-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavformat-devel-3.2.2-1.1 openSUSE Tumbleweed:libavformat56-2.8.8-3.1 openSUSE Tumbleweed:libavformat56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavformat57-3.2.2-1.1 openSUSE Tumbleweed:libavformat57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libavresample2-2.8.8-3.1 openSUSE Tumbleweed:libavresample2-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavresample3-3.2.2-1.1 openSUSE Tumbleweed:libavresample3-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavutil-devel-3.2.2-1.1 openSUSE Tumbleweed:libavutil54-2.8.8-3.1 openSUSE Tumbleweed:libavutil54-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavutil55-3.2.2-1.1 openSUSE Tumbleweed:libavutil55-32bit-3.2.2-1.1 openSUSE Tumbleweed:libpostproc-devel-3.2.2-1.1 openSUSE Tumbleweed:libpostproc53-2.8.8-3.1 openSUSE Tumbleweed:libpostproc53-32bit-2.8.8-3.1 openSUSE Tumbleweed:libpostproc54-3.2.2-1.1 openSUSE Tumbleweed:libpostproc54-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libswresample1-2.8.8-3.1 openSUSE Tumbleweed:libswresample1-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswresample2-3.2.2-1.1 openSUSE Tumbleweed:libswresample2-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswscale-devel-3.2.2-1.1 openSUSE Tumbleweed:libswscale3-2.8.8-3.1 openSUSE Tumbleweed:libswscale3-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswscale4-3.2.2-1.1 openSUSE Tumbleweed:libswscale4-32bit-3.2.2-1.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8363.html CVE-2015-8363 https://bugzilla.suse.com/957114 SUSE Bug 957114 Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 allows remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspecified other impact via crafted image dimensions in Indeo Video Interactive data. CVE-2015-8364 openSUSE Tumbleweed:ffmpeg-3.2.2-1.1 openSUSE Tumbleweed:ffmpeg2-devel-2.8.8-3.1 openSUSE Tumbleweed:libavcodec-devel-3.2.2-1.1 openSUSE Tumbleweed:libavcodec56-2.8.8-3.1 openSUSE Tumbleweed:libavcodec56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavcodec57-3.2.2-1.1 openSUSE Tumbleweed:libavcodec57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavdevice-devel-3.2.2-1.1 openSUSE Tumbleweed:libavdevice56-2.8.8-3.1 openSUSE Tumbleweed:libavdevice56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavdevice57-3.2.2-1.1 openSUSE Tumbleweed:libavdevice57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavfilter-devel-3.2.2-1.1 openSUSE Tumbleweed:libavfilter5-2.8.8-3.1 openSUSE Tumbleweed:libavfilter5-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavfilter6-3.2.2-1.1 openSUSE Tumbleweed:libavfilter6-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavformat-devel-3.2.2-1.1 openSUSE Tumbleweed:libavformat56-2.8.8-3.1 openSUSE Tumbleweed:libavformat56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavformat57-3.2.2-1.1 openSUSE Tumbleweed:libavformat57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libavresample2-2.8.8-3.1 openSUSE Tumbleweed:libavresample2-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavresample3-3.2.2-1.1 openSUSE Tumbleweed:libavresample3-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavutil-devel-3.2.2-1.1 openSUSE Tumbleweed:libavutil54-2.8.8-3.1 openSUSE Tumbleweed:libavutil54-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavutil55-3.2.2-1.1 openSUSE Tumbleweed:libavutil55-32bit-3.2.2-1.1 openSUSE Tumbleweed:libpostproc-devel-3.2.2-1.1 openSUSE Tumbleweed:libpostproc53-2.8.8-3.1 openSUSE Tumbleweed:libpostproc53-32bit-2.8.8-3.1 openSUSE Tumbleweed:libpostproc54-3.2.2-1.1 openSUSE Tumbleweed:libpostproc54-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libswresample1-2.8.8-3.1 openSUSE Tumbleweed:libswresample1-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswresample2-3.2.2-1.1 openSUSE Tumbleweed:libswresample2-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswscale-devel-3.2.2-1.1 openSUSE Tumbleweed:libswscale3-2.8.8-3.1 openSUSE Tumbleweed:libswscale3-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswscale4-3.2.2-1.1 openSUSE Tumbleweed:libswscale4-32bit-3.2.2-1.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8364.html CVE-2015-8364 https://bugzilla.suse.com/957115 SUSE Bug 957115 The smka_decode_frame function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Smacker data. CVE-2015-8365 openSUSE Tumbleweed:ffmpeg-3.2.2-1.1 openSUSE Tumbleweed:ffmpeg2-devel-2.8.8-3.1 openSUSE Tumbleweed:libavcodec-devel-3.2.2-1.1 openSUSE Tumbleweed:libavcodec56-2.8.8-3.1 openSUSE Tumbleweed:libavcodec56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavcodec57-3.2.2-1.1 openSUSE Tumbleweed:libavcodec57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavdevice-devel-3.2.2-1.1 openSUSE Tumbleweed:libavdevice56-2.8.8-3.1 openSUSE Tumbleweed:libavdevice56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavdevice57-3.2.2-1.1 openSUSE Tumbleweed:libavdevice57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavfilter-devel-3.2.2-1.1 openSUSE Tumbleweed:libavfilter5-2.8.8-3.1 openSUSE Tumbleweed:libavfilter5-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavfilter6-3.2.2-1.1 openSUSE Tumbleweed:libavfilter6-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavformat-devel-3.2.2-1.1 openSUSE Tumbleweed:libavformat56-2.8.8-3.1 openSUSE Tumbleweed:libavformat56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavformat57-3.2.2-1.1 openSUSE Tumbleweed:libavformat57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libavresample2-2.8.8-3.1 openSUSE Tumbleweed:libavresample2-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavresample3-3.2.2-1.1 openSUSE Tumbleweed:libavresample3-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavutil-devel-3.2.2-1.1 openSUSE Tumbleweed:libavutil54-2.8.8-3.1 openSUSE Tumbleweed:libavutil54-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavutil55-3.2.2-1.1 openSUSE Tumbleweed:libavutil55-32bit-3.2.2-1.1 openSUSE Tumbleweed:libpostproc-devel-3.2.2-1.1 openSUSE Tumbleweed:libpostproc53-2.8.8-3.1 openSUSE Tumbleweed:libpostproc53-32bit-2.8.8-3.1 openSUSE Tumbleweed:libpostproc54-3.2.2-1.1 openSUSE Tumbleweed:libpostproc54-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libswresample1-2.8.8-3.1 openSUSE Tumbleweed:libswresample1-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswresample2-3.2.2-1.1 openSUSE Tumbleweed:libswresample2-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswscale-devel-3.2.2-1.1 openSUSE Tumbleweed:libswscale3-2.8.8-3.1 openSUSE Tumbleweed:libswscale3-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswscale4-3.2.2-1.1 openSUSE Tumbleweed:libswscale4-32bit-3.2.2-1.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8365.html CVE-2015-8365 https://bugzilla.suse.com/957116 SUSE Bug 957116 The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted H.264 data. CVE-2015-8661 openSUSE Tumbleweed:ffmpeg-3.2.2-1.1 openSUSE Tumbleweed:ffmpeg2-devel-2.8.8-3.1 openSUSE Tumbleweed:libavcodec-devel-3.2.2-1.1 openSUSE Tumbleweed:libavcodec56-2.8.8-3.1 openSUSE Tumbleweed:libavcodec56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavcodec57-3.2.2-1.1 openSUSE Tumbleweed:libavcodec57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavdevice-devel-3.2.2-1.1 openSUSE Tumbleweed:libavdevice56-2.8.8-3.1 openSUSE Tumbleweed:libavdevice56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavdevice57-3.2.2-1.1 openSUSE Tumbleweed:libavdevice57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavfilter-devel-3.2.2-1.1 openSUSE Tumbleweed:libavfilter5-2.8.8-3.1 openSUSE Tumbleweed:libavfilter5-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavfilter6-3.2.2-1.1 openSUSE Tumbleweed:libavfilter6-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavformat-devel-3.2.2-1.1 openSUSE Tumbleweed:libavformat56-2.8.8-3.1 openSUSE Tumbleweed:libavformat56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavformat57-3.2.2-1.1 openSUSE Tumbleweed:libavformat57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libavresample2-2.8.8-3.1 openSUSE Tumbleweed:libavresample2-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavresample3-3.2.2-1.1 openSUSE Tumbleweed:libavresample3-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavutil-devel-3.2.2-1.1 openSUSE Tumbleweed:libavutil54-2.8.8-3.1 openSUSE Tumbleweed:libavutil54-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavutil55-3.2.2-1.1 openSUSE Tumbleweed:libavutil55-32bit-3.2.2-1.1 openSUSE Tumbleweed:libpostproc-devel-3.2.2-1.1 openSUSE Tumbleweed:libpostproc53-2.8.8-3.1 openSUSE Tumbleweed:libpostproc53-32bit-2.8.8-3.1 openSUSE Tumbleweed:libpostproc54-3.2.2-1.1 openSUSE Tumbleweed:libpostproc54-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libswresample1-2.8.8-3.1 openSUSE Tumbleweed:libswresample1-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswresample2-3.2.2-1.1 openSUSE Tumbleweed:libswresample2-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswscale-devel-3.2.2-1.1 openSUSE Tumbleweed:libswscale3-2.8.8-3.1 openSUSE Tumbleweed:libswscale3-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswscale4-3.2.2-1.1 openSUSE Tumbleweed:libswscale4-32bit-3.2.2-1.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8661.html CVE-2015-8661 https://bugzilla.suse.com/960385 SUSE Bug 960385 The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data. CVE-2015-8662 openSUSE Tumbleweed:ffmpeg-3.2.2-1.1 openSUSE Tumbleweed:ffmpeg2-devel-2.8.8-3.1 openSUSE Tumbleweed:libavcodec-devel-3.2.2-1.1 openSUSE Tumbleweed:libavcodec56-2.8.8-3.1 openSUSE Tumbleweed:libavcodec56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavcodec57-3.2.2-1.1 openSUSE Tumbleweed:libavcodec57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavdevice-devel-3.2.2-1.1 openSUSE Tumbleweed:libavdevice56-2.8.8-3.1 openSUSE Tumbleweed:libavdevice56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavdevice57-3.2.2-1.1 openSUSE Tumbleweed:libavdevice57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavfilter-devel-3.2.2-1.1 openSUSE Tumbleweed:libavfilter5-2.8.8-3.1 openSUSE Tumbleweed:libavfilter5-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavfilter6-3.2.2-1.1 openSUSE Tumbleweed:libavfilter6-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavformat-devel-3.2.2-1.1 openSUSE Tumbleweed:libavformat56-2.8.8-3.1 openSUSE Tumbleweed:libavformat56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavformat57-3.2.2-1.1 openSUSE Tumbleweed:libavformat57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libavresample2-2.8.8-3.1 openSUSE Tumbleweed:libavresample2-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavresample3-3.2.2-1.1 openSUSE Tumbleweed:libavresample3-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavutil-devel-3.2.2-1.1 openSUSE Tumbleweed:libavutil54-2.8.8-3.1 openSUSE Tumbleweed:libavutil54-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavutil55-3.2.2-1.1 openSUSE Tumbleweed:libavutil55-32bit-3.2.2-1.1 openSUSE Tumbleweed:libpostproc-devel-3.2.2-1.1 openSUSE Tumbleweed:libpostproc53-2.8.8-3.1 openSUSE Tumbleweed:libpostproc53-32bit-2.8.8-3.1 openSUSE Tumbleweed:libpostproc54-3.2.2-1.1 openSUSE Tumbleweed:libpostproc54-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libswresample1-2.8.8-3.1 openSUSE Tumbleweed:libswresample1-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswresample2-3.2.2-1.1 openSUSE Tumbleweed:libswresample2-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswscale-devel-3.2.2-1.1 openSUSE Tumbleweed:libswscale3-2.8.8-3.1 openSUSE Tumbleweed:libswscale3-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswscale4-3.2.2-1.1 openSUSE Tumbleweed:libswscale4-32bit-3.2.2-1.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8662.html CVE-2015-8662 https://bugzilla.suse.com/960384 SUSE Bug 960384 The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file. CVE-2015-8663 openSUSE Tumbleweed:ffmpeg-3.2.2-1.1 openSUSE Tumbleweed:ffmpeg2-devel-2.8.8-3.1 openSUSE Tumbleweed:libavcodec-devel-3.2.2-1.1 openSUSE Tumbleweed:libavcodec56-2.8.8-3.1 openSUSE Tumbleweed:libavcodec56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavcodec57-3.2.2-1.1 openSUSE Tumbleweed:libavcodec57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavdevice-devel-3.2.2-1.1 openSUSE Tumbleweed:libavdevice56-2.8.8-3.1 openSUSE Tumbleweed:libavdevice56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavdevice57-3.2.2-1.1 openSUSE Tumbleweed:libavdevice57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavfilter-devel-3.2.2-1.1 openSUSE Tumbleweed:libavfilter5-2.8.8-3.1 openSUSE Tumbleweed:libavfilter5-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavfilter6-3.2.2-1.1 openSUSE Tumbleweed:libavfilter6-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavformat-devel-3.2.2-1.1 openSUSE Tumbleweed:libavformat56-2.8.8-3.1 openSUSE Tumbleweed:libavformat56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavformat57-3.2.2-1.1 openSUSE Tumbleweed:libavformat57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libavresample2-2.8.8-3.1 openSUSE Tumbleweed:libavresample2-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavresample3-3.2.2-1.1 openSUSE Tumbleweed:libavresample3-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavutil-devel-3.2.2-1.1 openSUSE Tumbleweed:libavutil54-2.8.8-3.1 openSUSE Tumbleweed:libavutil54-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavutil55-3.2.2-1.1 openSUSE Tumbleweed:libavutil55-32bit-3.2.2-1.1 openSUSE Tumbleweed:libpostproc-devel-3.2.2-1.1 openSUSE Tumbleweed:libpostproc53-2.8.8-3.1 openSUSE Tumbleweed:libpostproc53-32bit-2.8.8-3.1 openSUSE Tumbleweed:libpostproc54-3.2.2-1.1 openSUSE Tumbleweed:libpostproc54-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libswresample1-2.8.8-3.1 openSUSE Tumbleweed:libswresample1-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswresample2-3.2.2-1.1 openSUSE Tumbleweed:libswresample2-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswscale-devel-3.2.2-1.1 openSUSE Tumbleweed:libswscale3-2.8.8-3.1 openSUSE Tumbleweed:libswscale3-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswscale4-3.2.2-1.1 openSUSE Tumbleweed:libswscale4-32bit-3.2.2-1.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8663.html CVE-2015-8663 https://bugzilla.suse.com/960383 SUSE Bug 960383 FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file. CVE-2016-1897 openSUSE Tumbleweed:ffmpeg-3.2.2-1.1 openSUSE Tumbleweed:ffmpeg2-devel-2.8.8-3.1 openSUSE Tumbleweed:libavcodec-devel-3.2.2-1.1 openSUSE Tumbleweed:libavcodec56-2.8.8-3.1 openSUSE Tumbleweed:libavcodec56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavcodec57-3.2.2-1.1 openSUSE Tumbleweed:libavcodec57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavdevice-devel-3.2.2-1.1 openSUSE Tumbleweed:libavdevice56-2.8.8-3.1 openSUSE Tumbleweed:libavdevice56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavdevice57-3.2.2-1.1 openSUSE Tumbleweed:libavdevice57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavfilter-devel-3.2.2-1.1 openSUSE Tumbleweed:libavfilter5-2.8.8-3.1 openSUSE Tumbleweed:libavfilter5-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavfilter6-3.2.2-1.1 openSUSE Tumbleweed:libavfilter6-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavformat-devel-3.2.2-1.1 openSUSE Tumbleweed:libavformat56-2.8.8-3.1 openSUSE Tumbleweed:libavformat56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavformat57-3.2.2-1.1 openSUSE Tumbleweed:libavformat57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libavresample2-2.8.8-3.1 openSUSE Tumbleweed:libavresample2-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavresample3-3.2.2-1.1 openSUSE Tumbleweed:libavresample3-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavutil-devel-3.2.2-1.1 openSUSE Tumbleweed:libavutil54-2.8.8-3.1 openSUSE Tumbleweed:libavutil54-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavutil55-3.2.2-1.1 openSUSE Tumbleweed:libavutil55-32bit-3.2.2-1.1 openSUSE Tumbleweed:libpostproc-devel-3.2.2-1.1 openSUSE Tumbleweed:libpostproc53-2.8.8-3.1 openSUSE Tumbleweed:libpostproc53-32bit-2.8.8-3.1 openSUSE Tumbleweed:libpostproc54-3.2.2-1.1 openSUSE Tumbleweed:libpostproc54-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libswresample1-2.8.8-3.1 openSUSE Tumbleweed:libswresample1-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswresample2-3.2.2-1.1 openSUSE Tumbleweed:libswresample2-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswscale-devel-3.2.2-1.1 openSUSE Tumbleweed:libswscale3-2.8.8-3.1 openSUSE Tumbleweed:libswscale3-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswscale4-3.2.2-1.1 openSUSE Tumbleweed:libswscale4-32bit-3.2.2-1.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1897.html CVE-2016-1897 https://bugzilla.suse.com/961937 SUSE Bug 961937 FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file. CVE-2016-1898 openSUSE Tumbleweed:ffmpeg-3.2.2-1.1 openSUSE Tumbleweed:ffmpeg2-devel-2.8.8-3.1 openSUSE Tumbleweed:libavcodec-devel-3.2.2-1.1 openSUSE Tumbleweed:libavcodec56-2.8.8-3.1 openSUSE Tumbleweed:libavcodec56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavcodec57-3.2.2-1.1 openSUSE Tumbleweed:libavcodec57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavdevice-devel-3.2.2-1.1 openSUSE Tumbleweed:libavdevice56-2.8.8-3.1 openSUSE Tumbleweed:libavdevice56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavdevice57-3.2.2-1.1 openSUSE Tumbleweed:libavdevice57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavfilter-devel-3.2.2-1.1 openSUSE Tumbleweed:libavfilter5-2.8.8-3.1 openSUSE Tumbleweed:libavfilter5-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavfilter6-3.2.2-1.1 openSUSE Tumbleweed:libavfilter6-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavformat-devel-3.2.2-1.1 openSUSE Tumbleweed:libavformat56-2.8.8-3.1 openSUSE Tumbleweed:libavformat56-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavformat57-3.2.2-1.1 openSUSE Tumbleweed:libavformat57-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libavresample2-2.8.8-3.1 openSUSE Tumbleweed:libavresample2-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavresample3-3.2.2-1.1 openSUSE Tumbleweed:libavresample3-32bit-3.2.2-1.1 openSUSE Tumbleweed:libavutil-devel-3.2.2-1.1 openSUSE Tumbleweed:libavutil54-2.8.8-3.1 openSUSE Tumbleweed:libavutil54-32bit-2.8.8-3.1 openSUSE Tumbleweed:libavutil55-3.2.2-1.1 openSUSE Tumbleweed:libavutil55-32bit-3.2.2-1.1 openSUSE Tumbleweed:libpostproc-devel-3.2.2-1.1 openSUSE Tumbleweed:libpostproc53-2.8.8-3.1 openSUSE Tumbleweed:libpostproc53-32bit-2.8.8-3.1 openSUSE Tumbleweed:libpostproc54-3.2.2-1.1 openSUSE Tumbleweed:libpostproc54-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswresample-devel-3.2.2-1.1 openSUSE Tumbleweed:libswresample1-2.8.8-3.1 openSUSE Tumbleweed:libswresample1-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswresample2-3.2.2-1.1 openSUSE Tumbleweed:libswresample2-32bit-3.2.2-1.1 openSUSE Tumbleweed:libswscale-devel-3.2.2-1.1 openSUSE Tumbleweed:libswscale3-2.8.8-3.1 openSUSE Tumbleweed:libswscale3-32bit-2.8.8-3.1 openSUSE Tumbleweed:libswscale4-3.2.2-1.1 openSUSE Tumbleweed:libswscale4-32bit-3.2.2-1.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1898.html CVE-2016-1898 https://bugzilla.suse.com/961937 SUSE Bug 961937