Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Mageia Linux Local Check: mgasa-2016-0060
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Mageia Linux Local Security Checks mgasa-2016-0060
Insight
Insight
Updated ffmpeg packages fix security vulnerabilities: FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file (CVE-2016-1897). FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file (CVE-2016-1898). Out-of-array read in FFmpeg before 2.4.13 in jpeg2000_decode_tile() in jpeg2000dec.c (CVE-2016-2213).
Solution
Solution
Update the affected packages to the latest available version.