CVE-2017-7866 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7866): FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c. CVE-2017-7865 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7865): FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c. CVE-2017-7863 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7863): FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c. CVE-2017-7862 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7862): FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c. CVE-2017-7859 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7859): FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c.
cleanup will occur in bug #639698 GLSA Vote: No
Freeing CVE-2017-7862 alias for tracker creation.
