Oval Definition:oval:org.opensuse.security:def:110397
Revision Date:2020-01-13Version:1
Title:Security update for ffmpeg-4 (Moderate)
Description:

This update for ffmpeg-4 fixes the following issues:

ffmpeg-4 was updated to version 4.0.5, fixes boo#1133153

- CVE-2019-11339: The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 allowed remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified. (bsc#1133153) - For other changes see /usr/share/doc/packages/libavcodec58/Changelog

Update to version 4.2.1:

Stable bug fix release, mainly codecs and format fixes.

- CVE-2019-15942: Conditional jump or move depends on uninitialised value' issue in h2645_parse (boo#1149839)

Update to FFmpeg 4.2 'Ada'

tpad filter * AV1 decoding support through libdav1d * dedot filter * chromashift and rgbashift filters * freezedetect filter * truehd_core bitstream filter * dhav demuxer * PCM-DVD encoder * GIF parser * vividas demuxer * hymt decoder * anlmdn filter * maskfun filter * hcom demuxer and decoder * ARBC decoder * libaribb24 based ARIB STD-B24 caption support (profiles A and C) * Support decoding of HEVC 4:4:4 content in nvdec and cuviddec * removed libndi-newtek * agm decoder * KUX demuxer * AV1 frame split bitstream filter * lscr decoder * lagfun filter * asoftclip filter * Support decoding of HEVC 4:4:4 content in vdpau * colorhold filter * xmedian filter * asr filter * showspatial multimedia filter * VP4 video decoder * IFV demuxer * derain filter * deesser filter * mov muxer writes tracks with unspecified language instead of English by default * added support for using clang to compile CUDA kernels

- See /usr/share/doc/packages/ffmpeg-4/Changelog for the complete changelog.

Update to version 4.1.4

See /usr/share/doc/packages/ffmpeg-4/Changelog for the complete changelog.

- Enable runtime enabling for fdkaac via --enable-libfdk-aac-dlopen

Update to version 4.1.3:

Updates and bug fixes for codecs, filters and formats. [boo#1133153, boo#1133155, CVE-2019-11338, CVE-2019-11339]

Update to version 4.1.2:

Updates and bug fixes for codecs, filters and formats.

Update to version 4.1.1:

Various filter and codec fixes and enhancements. * configure: Add missing xlib dependency for VAAPI X11 code. * For complete changelog, see /usr/share/doc/packages/ffmpeg-4/Changelog * enable AV1 support on x86_64

Update ffmpeg to 4.1:

Lots of filter updates as usual: deblock, tmix, aplify, fftdnoiz, aderivative, aintegral, pal75bars, pal100bars, adeclick, adeclip, lensfun (wrapper), colorconstancy, 1D LUT filter (lut1d), cue, acue, transpose_npp, amultiply, Block-Matching 3d (bm3d) denoising filter, acrossover filter, audio denoiser as afftdn filter, sinc audio filter source, chromahold, setparams, vibrance, xstack, (a)graphmonitor filter yadif_cuda filter. * AV1 parser * Support for AV1 in MP4 * PCM VIDC decoder and encoder * libtensorflow backend for DNN based filters like srcnn * -- The following only enabled in third-party builds: * ATRAC9 decoder * AVS2 video decoder via libdavs2 * IMM4 video decoder * Brooktree ProSumer video decoder * MatchWare Screen Capture Codec decoder * WinCam Motion Video decoder * RemotelyAnywhere Screen Capture decoder * AVS2 video encoder via libxavs2 * ILBC decoder * SER demuxer * Decoding S12M timecode in H264 * For complete changelog, see https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.1

Update ffmpeg to 4.0.3:

For complete changelog, see https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.0.3

- CVE-2018-13305: Added a missing check for negative values of mqaunt variable (boo#1100345).

Family:unixClass:patch
Status:Reference(s):1100345
1133123
1133153
1133155
1149839
CVE-2017-17555
CVE-2018-13305
CVE-2019-11338
CVE-2019-11339
CVE-2019-15942
openSUSE-SU-2020:0024-1
Platform(s):openSUSE Leap 15.1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • ffmpeg-4-libavcodec-devel-4.2.1-bp151.5.3.1 is installed
  • OR ffmpeg-4-libavdevice-devel-4.2.1-bp151.5.3.1 is installed
  • OR ffmpeg-4-libavfilter-devel-4.2.1-bp151.5.3.1 is installed
  • OR ffmpeg-4-libavformat-devel-4.2.1-bp151.5.3.1 is installed
  • OR ffmpeg-4-libavresample-devel-4.2.1-bp151.5.3.1 is installed
  • OR ffmpeg-4-libavutil-devel-4.2.1-bp151.5.3.1 is installed
  • OR ffmpeg-4-libpostproc-devel-4.2.1-bp151.5.3.1 is installed
  • OR ffmpeg-4-libswresample-devel-4.2.1-bp151.5.3.1 is installed
  • OR ffmpeg-4-libswscale-devel-4.2.1-bp151.5.3.1 is installed
  • OR ffmpeg-4-private-devel-4.2.1-bp151.5.3.1 is installed
  • OR libavcodec58-4.2.1-bp151.5.3.1 is installed
  • OR libavcodec58-32bit-4.2.1-lp151.2.3.1 is installed
  • OR libavcodec58-64bit-4.2.1-bp151.5.3.1 is installed
  • OR libavdevice58-4.2.1-bp151.5.3.1 is installed
  • OR libavdevice58-32bit-4.2.1-lp151.2.3.1 is installed
  • OR libavdevice58-64bit-4.2.1-bp151.5.3.1 is installed
  • OR libavfilter7-4.2.1-bp151.5.3.1 is installed
  • OR libavfilter7-32bit-4.2.1-lp151.2.3.1 is installed
  • OR libavfilter7-64bit-4.2.1-bp151.5.3.1 is installed
  • OR libavformat58-4.2.1-bp151.5.3.1 is installed
  • OR libavformat58-32bit-4.2.1-lp151.2.3.1 is installed
  • OR libavformat58-64bit-4.2.1-bp151.5.3.1 is installed
  • OR libavresample4-4.2.1-bp151.5.3.1 is installed
  • OR libavresample4-32bit-4.2.1-lp151.2.3.1 is installed
  • OR libavresample4-64bit-4.2.1-bp151.5.3.1 is installed
  • OR libavutil56-4.2.1-bp151.5.3.1 is installed
  • OR libavutil56-32bit-4.2.1-lp151.2.3.1 is installed
  • OR libavutil56-64bit-4.2.1-bp151.5.3.1 is installed
  • OR libpostproc55-4.2.1-bp151.5.3.1 is installed
  • OR libpostproc55-32bit-4.2.1-lp151.2.3.1 is installed
  • OR libpostproc55-64bit-4.2.1-bp151.5.3.1 is installed
  • OR libswresample3-4.2.1-bp151.5.3.1 is installed
  • OR libswresample3-32bit-4.2.1-lp151.2.3.1 is installed
  • OR libswresample3-64bit-4.2.1-bp151.5.3.1 is installed
  • OR libswscale5-4.2.1-bp151.5.3.1 is installed
  • OR libswscale5-32bit-4.2.1-lp151.2.3.1 is installed
  • OR libswscale5-64bit-4.2.1-bp151.5.3.1 is installed
  • BACK