Univention Bugzilla – Bug 46364
libav: Multiple issues (4.2)
Last modified: 2018-05-08 14:57:05 CEST
New Debian libav 6:11.12-1~deb8u1 fixes:

This update addresses the following issue:

* smacker: add sanity check for length in smacker_decode_tree() (CVE-2017-16803)

In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of service (bitstream.c:build_table() out-of-bounds read and application crash) via a crafted Smacker stream.
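The class of check named in the changelog entry, as an added example that is not libav's code and not part of the original report: a recursive prefix-tree decoder that rejects a stream once the code length passes a cap, so later table building never sees over-long codes. The bit layout, the names (`decode_tree`, `parse_tree`, `Tree`) and the limits `MAX_CODE_LEN` and `MAX_LEAVES` are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define MAX_CODE_LEN 32  /* assumed cap: a code word must fit a 32-bit table entry */
#define MAX_LEAVES   256 /* assumed table size: one leaf per byte value */
enum { ERR_TRUNCATED = -1, ERR_TOO_DEEP = -2, ERR_TOO_MANY = -3 };
typedef struct { const uint8_t *buf; size_t nbits, pos; } BitReader;
typedef struct { uint8_t len[MAX_LEAVES], val[MAX_LEAVES]; int count; } Tree;

static int read_bit(BitReader *br) { /* next bit, LSB first */
    if (br->pos >= br->nbits) return ERR_TRUNCATED;
    size_t p = br->pos++;
    return (br->buf[p >> 3] >> (p & 7)) & 1;
}

/* Toy format: bit 1 = inner node (two subtrees follow), bit 0 = leaf + 8-bit value. */
static int decode_tree(BitReader *br, Tree *t, int length) {
    if (length > MAX_CODE_LEN) return ERR_TOO_DEEP; /* the length sanity check */
    int bit = read_bit(br);
    if (bit < 0) return bit;
    if (bit == 1) { /* inner node: left subtree, then right */
        int r = decode_tree(br, t, length + 1);
        return r < 0 ? r : decode_tree(br, t, length + 1);
    }
    if (t->count >= MAX_LEAVES) return ERR_TOO_MANY; /* never write past the table */
    int v = 0;
    for (int i = 0; i < 8; i++) {
        int b = read_bit(br);
        if (b < 0) return b;
        v |= b << i;
    }
    t->len[t->count] = (uint8_t)length;
    t->val[t->count++] = (uint8_t)v;
    return 0;
}

int parse_tree(const uint8_t *buf, size_t size, Tree *t) {
    BitReader br = { buf, size * 8, 0 };
    t->count = 0;
    return decode_tree(&br, t, 0);
}

/* Constructed inputs: a two-leaf tree ('A', 'B') and a run of 1-bits (all inner nodes). */
static const uint8_t GOOD[] = { 0x05, 0x11, 0x02 };
static const uint8_t DEEP[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
int main(void) {
    Tree t;
    int good = parse_tree(GOOD, sizeof GOOD, &t);
    printf("good=%d deep=%d\n", good, parse_tree(DEEP, sizeof DEEP, &t));
    return 0;
}
```

Without the first check in `decode_tree`, the all-ones input keeps recursing for as long as bits remain and hands the table builder code lengths it was never sized for.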
666594c846 Bug #46364: libav_6:11.12-1~deb8u1
--- mirror/ftp/4.2/unmaintained/4.2-3/source/libav_11.11-1~deb8u1.dsc +++ apt/ucs_4.2-0-errata4.2-3/source/libav_11.12-1~deb8u1.dsc @@ -1,3 +1,9 @@ +6:11.12-1~deb8u1 [Sun, 18 Feb 2018 21:20:56 +0100] Sebastian Ramacher <sramacher@debian.org>: + + * New upstream release. + - smacker: add sanity check for length in smacker_decode_tree() + (CVE-2017-16803) + 6:11.11-1~deb8u1 [Sat, 21 Oct 2017 15:08:38 +0200] Hugo Lefeuvre <hle@debian.org>: * Non-maintainer upload by the Security Team.
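Review bot: The added 6:11.12-1~deb8u1 changelog entry is labelled "New upstream release" but itemizes only the smacker_decode_tree() length check (CVE-2017-16803), while this bug is titled "Multiple issues". Please confirm whether 11.12 carries any other changes relative to 11.11-1~deb8u1 and either list them in the advisory or narrow the advisory wording to the single CVE shown here.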
* No UCS specific patches
* Comparison to previously shipped version ok
* Advisory Ok
<http://errata.software-univention.de/ucs/4.2/343.html>