Alpine Linux

Updated:  January 20, 2016

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

Apple

Notified:  January 20, 2016 Updated: January 20, 2016

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor References

    Arch Linux

    Notified:  January 20, 2016 Updated: January 20, 2016

    Status

      Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Vendor References

    CentOS

    Notified:  January 20, 2016 Updated: January 21, 2016

    Statement Date:   January 21, 2016

    Status

      Not Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Addendum

    Red Hat ships only qffmpeg, which is a stripped-down fork of ffmpeg that is not vulnerable.

    CoreOS

    Notified:  January 20, 2016 Updated: January 20, 2016

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor References

      Debian GNU/Linux

      Notified:  January 20, 2016 Updated: January 20, 2016

      Status

        Affected

      Vendor Statement

      No statement is currently available from the vendor regarding this vulnerability.

      Vendor Information

      We are not aware of further vendor information regarding this vulnerability.

      Vendor References

      DesktopBSD

      Notified:  January 20, 2016 Updated: January 20, 2016

      Status

        Unknown

      Vendor Statement

      No statement is currently available from the vendor regarding this vulnerability.

      Vendor References

        DragonFly BSD Project

        Notified:  January 20, 2016 Updated: January 20, 2016

        Status

          Unknown

        Vendor Statement

        No statement is currently available from the vendor regarding this vulnerability.

        Vendor References

          EMC Corporation

          Notified:  January 20, 2016 Updated: January 20, 2016

          Status

            Unknown

          Vendor Statement

          No statement is currently available from the vendor regarding this vulnerability.

          Vendor References

            F5 Networks, Inc.

            Notified:  January 20, 2016 Updated: January 20, 2016

            Status

              Unknown

            Vendor Statement

            No statement is currently available from the vendor regarding this vulnerability.

            Vendor References

              Fedora Project

              Notified:  January 20, 2016 Updated: January 20, 2016

              Status

                Unknown

              Vendor Statement

              No statement is currently available from the vendor regarding this vulnerability.

              Vendor References

                ffmpeg

                Updated:  January 20, 2016

                Status

                  Affected

                Vendor Statement

                No statement is currently available from the vendor regarding this vulnerability.

                Vendor Information

                We are not aware of further vendor information regarding this vulnerability.

                Vendor References

                FreeBSD Project

                Notified:  January 20, 2016 Updated: January 20, 2016

                Status

                  Unknown

                Vendor Statement

                No statement is currently available from the vendor regarding this vulnerability.

                Vendor References

                  Gentoo Linux

                  Notified:  January 20, 2016 Updated: January 20, 2016

                  Status

                    Affected

                  Vendor Statement

                  No statement is currently available from the vendor regarding this vulnerability.

                  Vendor Information

                  We are not aware of further vendor information regarding this vulnerability.

                  Hardened BSD

                  Notified:  January 20, 2016 Updated: January 20, 2016

                  Status

                    Unknown

                  Vendor Statement

                  No statement is currently available from the vendor regarding this vulnerability.

                  Vendor References

                    Hewlett Packard Enterprise

                    Notified:  January 20, 2016 Updated: January 20, 2016

                    Status

                      Unknown

                    Vendor Statement

                    No statement is currently available from the vendor regarding this vulnerability.

                    Vendor References

                      Hitachi

                      Notified:  January 20, 2016 Updated: January 20, 2016

                      Status

                        Unknown

                      Vendor Statement

                      No statement is currently available from the vendor regarding this vulnerability.

                      Vendor References

                        IBM Corporation

                        Notified:  January 20, 2016 Updated: January 20, 2016

                        Status

                          Unknown

                        Vendor Statement

                        No statement is currently available from the vendor regarding this vulnerability.

                        Vendor References

                          IBM eServer

                          Notified:  January 20, 2016 Updated: January 20, 2016

                          Status

                            Unknown

                          Vendor Statement

                          No statement is currently available from the vendor regarding this vulnerability.

                          Vendor References

                            Juniper Networks

                            Notified:  January 20, 2016 Updated: January 20, 2016

                            Status

                              Unknown

                            Vendor Statement

                            No statement is currently available from the vendor regarding this vulnerability.

                            Vendor References

                              Libav

                              Updated:  January 20, 2016

                              Status

                                Affected

                              Vendor Statement

                              No statement is currently available from the vendor regarding this vulnerability.

                              Vendor Information

                              We are not aware of further vendor information regarding this vulnerability.

                              m0n0wall

                              Notified:  January 20, 2016 Updated: January 20, 2016

                              Status

                                Unknown

                              Vendor Statement

                              No statement is currently available from the vendor regarding this vulnerability.

                              Vendor References

                                Microsoft Corporation

                                Notified:  January 20, 2016 Updated: March 10, 2016

                                Statement Date:   March 10, 2016

                                Status

                                  Not Affected

                                Vendor Statement

                                No statement is currently available from the vendor regarding this vulnerability.

                                Vendor Information

                                We are not aware of further vendor information regarding this vulnerability.

                                NEC Corporation

                                Notified:  January 20, 2016 Updated: January 20, 2016

                                Status

                                  Unknown

                                Vendor Statement

                                No statement is currently available from the vendor regarding this vulnerability.

                                Vendor References

                                  NetBSD

                                  Notified:  January 20, 2016 Updated: January 20, 2016

                                  Status

                                    Unknown

                                  Vendor Statement

                                  No statement is currently available from the vendor regarding this vulnerability.

                                  Vendor References

                                    Nokia

                                    Notified:  January 20, 2016 Updated: January 20, 2016

                                    Status

                                      Unknown

                                    Vendor Statement

                                    No statement is currently available from the vendor regarding this vulnerability.

                                    Vendor References

                                      OmniTI

                                      Notified:  January 20, 2016 Updated: January 20, 2016

                                      Statement Date:   January 20, 2016

                                      Status

                                        Not Affected

                                      Vendor Statement

                                      No statement is currently available from the vendor regarding this vulnerability.

                                      Vendor Information

                                      Neither of these (ffmpeg or libav) are in OmniOS. They may be in unsupported 3rd-party packages, but they are not in OmniOS itself.

                                      openSUSE project

                                      Notified:  January 20, 2016 Updated: January 20, 2016

                                      Status

                                        Unknown

                                      Vendor Statement

                                      No statement is currently available from the vendor regarding this vulnerability.

                                      Vendor References

                                        Openwall GNU/*/Linux

                                        Notified:  January 20, 2016 Updated: January 20, 2016

                                        Status

                                          Unknown

                                        Vendor Statement

                                        No statement is currently available from the vendor regarding this vulnerability.

                                        Vendor References

                                          Oracle Corporation

                                          Notified:  January 20, 2016 Updated: January 20, 2016

                                          Status

                                            Unknown

                                          Vendor Statement

                                          No statement is currently available from the vendor regarding this vulnerability.

                                          Vendor References

                                            PC-BSD

                                            Notified:  January 20, 2016 Updated: January 20, 2016

                                            Status

                                              Unknown

                                            Vendor Statement

                                            No statement is currently available from the vendor regarding this vulnerability.

                                            Vendor References

                                              QNX Software Systems Inc.

                                              Notified:  January 20, 2016 Updated: January 20, 2016

                                              Status

                                                Unknown

                                              Vendor Statement

                                              No statement is currently available from the vendor regarding this vulnerability.

                                              Vendor References

                                                Red Hat, Inc.

                                                Notified:  January 20, 2016 Updated: January 21, 2016

                                                Statement Date:   January 21, 2016

                                                Status

                                                  Not Affected

                                                Vendor Statement

                                                No statement is currently available from the vendor regarding this vulnerability.

                                                Addendum

                                                Red Hat ships only qffmpeg, which is a stripped-down fork of ffmpeg that is not vulnerable.

                                                Slackware Linux Inc.

                                                Notified:  January 20, 2016 Updated: January 21, 2016

                                                Status

                                                  Unknown

                                                Vendor Statement

                                                No statement is currently available from the vendor regarding this vulnerability.

                                                Vendor Information

                                                We are not aware of further vendor information regarding this vulnerability.

                                                Sony Corporation

                                                Notified:  January 20, 2016 Updated: January 20, 2016

                                                Status

                                                  Unknown

                                                Vendor Statement

                                                No statement is currently available from the vendor regarding this vulnerability.

                                                Vendor References

                                                  SUSE Linux

                                                  Notified:  January 20, 2016 Updated: January 20, 2016

                                                  Status

                                                    Affected

                                                  Vendor Statement

                                                  No statement is currently available from the vendor regarding this vulnerability.

                                                  Vendor Information

                                                  We are not aware of further vendor information regarding this vulnerability.

                                                  Vendor References

                                                  Turbolinux

                                                  Notified:  January 20, 2016 Updated: January 20, 2016

                                                  Status

                                                    Unknown

                                                  Vendor Statement

                                                  No statement is currently available from the vendor regarding this vulnerability.

                                                  Vendor References

                                                    Ubuntu

                                                    Notified:  January 20, 2016 Updated: January 20, 2016

                                                    Statement Date:   January 20, 2016

                                                    Status

                                                      Affected

                                                    Vendor Statement

                                                    No statement is currently available from the vendor regarding this vulnerability.

                                                    Vendor Information

                                                    We've sponsored updates for Ubuntu 15.04 (ffmpeg 7:2.5.10-0ubuntu0.15.04.1) and Ubuntu 15.10 (ffmpeg 7:2.7.5-0ubuntu0.15.10.1).

                                                    Vendor References

                                                    Unisys

                                                    Notified:  January 20, 2016 Updated: January 20, 2016

                                                    Status

                                                      Unknown

                                                    Vendor Statement

                                                    No statement is currently available from the vendor regarding this vulnerability.

                                                    Vendor References

                                                      VideoLAN

                                                      Updated:  January 21, 2016

                                                      Status

                                                        Affected

                                                      Vendor Statement

                                                      No statement is currently available from the vendor regarding this vulnerability.

                                                      Vendor Information

                                                      We are not aware of further vendor information regarding this vulnerability.

                                                      Vendor References

                                                      View all 40 vendors View less vendors