OVAL Reference oval:org.opensuse.security:def:102329

Oval Definition:

oval:org.opensuse.security:def:102329

Revision Date:	2021-09-02	Version:	1
Title:	Security update for ffmpeg (Important)
Description:	This update for ffmpeg fixes the following issues: - CVE-2019-9721: Fix denial of service in the subtitle decoder in handle_open_brace from libavcodec/htmlsubtitles.c (bsc#1129714). - CVE-2020-22046: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c (bsc#1186849). - CVE-2020-22048: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_frame_pool_get function in framepool.c (bsc#1186859). - CVE-2020-22049: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the wtvfile_open_sector function in wtvdec.c (bsc#1186861). - CVE-2020-22054: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c (bsc#1186863). - CVE-2020-21688: Fixed a heap-use-after-free in the av_freep function in libavutil/mem.c (bsc#1189348). - CVE-2020-21697: Fixed a heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c (bsc#1189350). - CVE-2021-38114: Fixed a not checked return value of the init_vlc function (bsc#1189142).
Family:	unix	Class:	patch
Status:		Reference(s):	1129714 1178622 1178700 1178783 1186849 1186859 1186861 1186863 1189142 1189348 1189350 CVE-2019-9721 CVE-2020-21688 CVE-2020-21697 CVE-2020-22046 CVE-2020-22048 CVE-2020-22049 CVE-2020-22054 CVE-2020-25668 CVE-2020-25705 CVE-2020-8694 CVE-2021-38114 SUSE-SU-2021:2919-1
Platform(s):	SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Live Patching 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Workstation Extension 15 SP3	Product(s):
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed AND kernel-livepatch-5_3_18-24_12-default-4-2.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Workstation Extension 15 SP3 is installed AND Package Information libavcodec-devel-3.4.2-11.8.2 is installed OR libavformat-devel-3.4.2-11.8.2 is installed OR libavresample-devel-3.4.2-11.8.2 is installed OR libavresample3-3.4.2-11.8.2 is installed

BACK