-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.0065
                            libav security update
                               8 January 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           libav
Publisher:         Debian
Operating System:  Debian GNU/Linux 8
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-1999010 CVE-2018-14394 CVE-2018-7557 CVE-2018-6621
                   CVE-2017-17130 CVE-2017-15672 CVE-2017-14767 CVE-2017-14171
                   CVE-2017-14170 CVE-2017-14057 CVE-2017-14056 CVE-2017-14055
                   CVE-2017-9994 CVE-2017-9993
Reference:         ESB-2018.2075
                   ESB-2017.2147

Original Bulletin:
   https://lists.debian.org/debian-lts-announce/2019/01/msg00006.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libav
Version        : 6:11.12-1~deb8u4
CVE ID         : CVE-2017-9993 CVE-2017-9994 CVE-2017-14055 CVE-2017-14056
                 CVE-2017-14057 CVE-2017-14170 CVE-2017-14171 CVE-2017-14767
                 CVE-2017-15672 CVE-2017-17130 CVE-2018-6621 CVE-2018-7557
                 CVE-2018-14394 CVE-2018-1999010

Several security vulnerabilities were corrected in the libav multimedia
library which may lead to a denial of service, information disclosure or
the execution of arbitrary code if a malformed file is processed.

CVE-2017-9993

    Libav does not properly restrict HTTP Live Streaming filename
    extensions and demuxer names, which allows attackers to read arbitrary
    files via crafted playlist data.
CVE-2017-9994

    libavcodec/webp.c in Libav does not ensure that pix_fmt is set, which
    allows remote attackers to cause a denial of service (heap-based buffer
    overflow and application crash) or possibly have unspecified other
    impact via a crafted file, related to the vp8_decode_mb_row_no_filter
    and pred8x8_128_dc_8_c functions.

CVE-2017-14055

    Denial of service in mv_read_header() due to lack of an EOF (End of
    File) check might cause huge CPU and memory consumption.

CVE-2017-14056

    Denial of service in rl2_read_header() due to lack of an EOF (End of
    File) check might cause huge CPU and memory consumption.

CVE-2017-14057

    Denial of service in asf_read_marker() due to lack of an EOF (End of
    File) check might cause huge CPU and memory consumption.

CVE-2017-14170

    Denial of service in mxf_read_index_entry_array() due to lack of an
    EOF (End of File) check might cause huge CPU consumption.

CVE-2017-14171

    Denial of service in nsv_parse_NSVf_header() due to lack of an EOF
    (End of File) check might cause huge CPU consumption.

CVE-2017-14767

    The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c
    mishandles empty sprop-parameter-sets values, which allows remote
    attackers to cause a denial of service (heap buffer overflow) or
    possibly have unspecified other impact via a crafted SDP file.

CVE-2017-15672

    The read_header function in libavcodec/ffv1dec.c allows remote
    attackers to have unspecified impact via a crafted MP4 file, which
    triggers an out-of-bounds read.

CVE-2017-17130

    The ff_free_picture_tables function in libavcodec/mpegpicture.c allows
    remote attackers to cause a denial of service (heap-based buffer
    overflow and application crash) or possibly have unspecified other
    impact via a crafted file, related to vc1_decode_i_blocks_adv.

CVE-2018-6621

    The decode_frame function in libavcodec/utvideodec.c in Libav allows
    remote attackers to cause a denial of service (out-of-array read) via
    a crafted AVI file.
CVE-2018-7557

    The decode_init function in libavcodec/utvideodec.c in Libav allows
    remote attackers to cause a denial of service (out-of-array read) via
    an AVI file with crafted dimensions within chroma subsampling data.

CVE-2018-14394

    libavformat/movenc.c in Libav allows attackers to cause a denial of
    service (application crash caused by a divide-by-zero error) with a
    user-crafted Waveform audio file.

CVE-2018-1999010

    Libav contains multiple out-of-array access vulnerabilities in the mms
    protocol that can result in attackers accessing out-of-bounds data.

For Debian 8 "Jessie", these problems have been fixed in version
6:11.12-1~deb8u4.

We recommend that you upgrade your libav packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- -----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlwz1AhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeRByBAAtiPdhTU2Hz6e/IhRiKtZhh9x8V5RuFjm/NfcITfWA2v6RKtXaXuHV718
HKHYPag2+aDTPsqpnWwqjnCGL5WhPA52HV8VMy/c7RYgUf6rAPMzYgILcL4yOrEc
210QhstW0vnEvvNnDsxy+xYunPYXU0FVR7/q6utAuSURT1Orkul+a9oB+jkklfMp
jThdxHCiyb4KEvsuze1yGZ7fgKkzS9XDkp+3xKhV+UxNaK0V4JBigWQVGy20x3B5
Czhx15zMhH85ZMat2WppSFGNfuqX3QwZP0q0ePRsUeOdMFG/yFYmHzYRB/56/RHs
h0OQcBIHe6Yp0C1Xw8ZnRcRM1h2Ie62cY1HHAHqRkEJDKn1FTLacOHwz36YR+lb5
LqaN0b588WtiwyoTKWF97MPiQBXC2KhpJ/gYcbGLGlbTja4cJ5A7tUc1nW6MpyGG
ydyBDPEi8Taq+fgeX/Ula/8y/krNE14yauJZ4/gxSR3eSEfxtX4alBvlQktecMnr
j7bbyiMWcNyLy2lasXy1ZFz2wUqNpXjvIPxUMwD4NsUmlvnbX0/+Yisb4brMukji
kl35KtNIOKs0FeXZjKQb5k4SAij2edAEz9M+MTV0Hk5bcXVguRj7dLuNHne1RIhj
uuvPUHGFGuJ3jwIfJtH5lgL/gtdZyI8ZNwCYIC1exsDjZYz6Kpg=
=LBVu
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with
AusCERT. The mailing list you are subscribed to is maintained within your
organisation, so if you do not wish to continue receiving these bulletins
you should contact your local IT manager. If you do not know who that is,
please send an email to auscert@auscert.org.au and we will forward your
request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your
organisation's site policies and procedures. AusCERT takes no
responsibility for consequences which may arise from following or acting
on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at a
later date, it is recommended that the bulletin is retrieved directly from
the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXDPnomaOgq3Tt24GAQgwtg/+JX7kCtiEV5cLHCKOVJTeNssz656cx15O
YgzKaqeFCsSpn5Ba9HW7WAOpTBnscl3B1y7aTUfj8yXXc4NxZQO8y+khusSr8cLI
eSZgoNeMifazizr5Yfg4l2nhnX3uGPt45tQH+qsXC/bgdBgNCsEoTLHDiG5wxyOx
X2ytudsPsHSl0r5LrhYnz3Uj1BdQOGgoTm88oJ1TNhBjoHWroguHTrfo6jPK1nX7
9gyC8AsH36aC425ap1hSzFs9q/TIojBCJp0iLwkfvd6vtjh8H3gRjHjPEh97giAQ
taxpVPxncOxqKCl0qOoDLoIMr3WXnfgYTLZsfljYVeo9o2YP5WiDx9f6FxAEfviV
m/VaAU6ys3IG41pfrzM+zsvAq5kfbRQr5Xjxlv4Q9xJ2EmV1zzPeXCDwHdRDdLMO
HgHzUfWShOoN5qLEmMhfLS0R3yDWimdoVX0yqPlEdds9kwKTs+HWuB1mYHCg94Vd
6lafiYhm5xaIDkaOrjp7X61TYfKm+1JWnME/CBbF6erw7fZBmvZsAuatcsPUN41O
GZRMFsExJTE6NkdiYhV/n1MTvNF1NkrjuitMFqAcFnHp1nOZ8Tom8LHkLlDhOMPX
zyHry4wcAkj5kIvqfBTNEx7LKgVJ1dJ31swLlJK1VbqG0Rth7a2iNKR7/UFaHwwS
xy0A/1p5S5s=
=JQIP
-----END PGP SIGNATURE-----
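Five of the entries above (CVE-2017-14055, CVE-2017-14056, CVE-2017-14057, CVE-2017-14170 and CVE-2017-14171) describe the same defect class: a header reader takes an entry count from the file, then loops that many times without ever asking whether the input has already ended. The following is an added illustration written for this bulletin, not code from libav or Debian. It uses a toy header format (a 32-bit big-endian entry count followed by 32-bit entries) and a hypothetical ByteReader that, like a real stream reader, returns 0 once past end-of-file; the sample inputs are constructed. It shows the unchecked pattern beside the checked one so that a reviewer can recognise the shape of the bug in their own demuxers.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical minimal stream reader (not libav's AVIOContext): reads past
 * the end return 0 and set the eof flag, so a loop that never consults the
 * flag keeps iterating on zeros. */
typedef struct {
    const uint8_t *data;
    size_t size;
    size_t pos;
    int eof;
} ByteReader;

static uint32_t rd_be32(ByteReader *r) {
    if (r->size - r->pos < 4) {          /* short read: behave like EOF */
        r->eof = 1;
        r->pos = r->size;
        return 0;
    }
    uint32_t v = ((uint32_t)r->data[r->pos] << 24) | ((uint32_t)r->data[r->pos + 1] << 16) |
                 ((uint32_t)r->data[r->pos + 2] << 8) | (uint32_t)r->data[r->pos + 3];
    r->pos += 4;
    return v;
}

static int rd_eof(const ByteReader *r) { return r->eof || r->pos >= r->size; }

typedef struct {
    uint32_t declared;   /* entry count the header claims */
    uint32_t parsed;     /* loop iterations actually performed */
    size_t   allocated;  /* bytes of table memory requested */
    int      rejected;   /* set when the checked parser refuses the header */
} ParseStats;

#define ENTRY_SIZE 4u    /* one u32 per entry in this toy format */

/* Vulnerable pattern: trust the declared count, size the table from it and
 * loop that many times. CPU and memory scale with the attacker-chosen count,
 * not with the bytes that exist in the file. */
static ParseStats parse_unchecked(const uint8_t *buf, size_t len) {
    ByteReader r = { buf, len, 0, 0 };
    ParseStats s = { 0, 0, 0, 0 };
    s.declared = rd_be32(&r);
    uint32_t *table = calloc(s.declared, sizeof *table);
    s.allocated = table ? (size_t)s.declared * sizeof *table : 0;
    for (uint32_t i = 0; i < s.declared && table; i++) {
        table[i] = rd_be32(&r);          /* keeps returning 0 after EOF */
        s.parsed++;
    }
    free(table);
    return s;
}

/* Checked pattern: bound the count by the bytes that remain before
 * allocating, and stop the loop as soon as the reader reports EOF. */
static ParseStats parse_checked(const uint8_t *buf, size_t len) {
    ByteReader r = { buf, len, 0, 0 };
    ParseStats s = { 0, 0, 0, 0 };
    s.declared = rd_be32(&r);
    size_t remaining = r.size - r.pos;
    if (r.eof || (size_t)s.declared > remaining / ENTRY_SIZE) {
        s.rejected = 1;                  /* header claims more than the file holds */
        return s;
    }
    uint32_t *table = calloc(s.declared, sizeof *table);
    if (!table && s.declared) { s.rejected = 1; return s; }
    s.allocated = (size_t)s.declared * sizeof *table;
    for (uint32_t i = 0; i < s.declared; i++) {
        if (rd_eof(&r)) { s.rejected = 1; break; }   /* the missing EOF check */
        table[i] = rd_be32(&r);
        s.parsed++;
    }
    free(table);
    return s;
}

/* Constructed inputs: a 12-byte file claiming 100000 entries, a well-formed
 * 12-byte file with 2 entries, and a 2-byte file too short for a count. */
static const uint8_t kTruncatedHeader[]  = { 0x00, 0x01, 0x86, 0xA0, 0, 0, 0, 1, 0, 0, 0, 2 };
static const uint8_t kWellFormedHeader[] = { 0x00, 0x00, 0x00, 0x02, 0, 0, 0, 1, 0, 0, 0, 2 };
static const uint8_t kShortHeader[]      = { 0x00, 0x00 };

int main(void) {
    ParseStats u = parse_unchecked(kTruncatedHeader, sizeof kTruncatedHeader);
    ParseStats c = parse_checked(kTruncatedHeader, sizeof kTruncatedHeader);
    printf("unchecked: declared=%u parsed=%u allocated=%zu bytes from a %zu-byte file\n",
           u.declared, u.parsed, u.allocated, sizeof kTruncatedHeader);
    printf("checked:   rejected=%d parsed=%u allocated=%zu bytes\n",
           c.rejected, c.parsed, c.allocated);
    return 0;
}
```

The declared count of 100000 is kept small so the demonstration finishes instantly; a real 32-bit count of 0xFFFFFFFF in the unchecked version means roughly four billion iterations and a 16 GiB table request from a 12-byte file, which is the "huge CPU and memory consumption" the advisory describes. The bound-by-remaining-bytes check catches that before any allocation, and the in-loop EOF check covers formats whose entry size is not fixed up front.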