Oval Definition:oval:org.opensuse.security:def:1769
Revision Date:2021-07-14Version:1
Title:Security update for ffmpeg (Important)
Description:

This update for ffmpeg fixes the following issues:

- CVE-2020-13904: Fixed use-after-free via a crafted EXTINF duration in an m3u8 file (bsc#1172640). - CVE-2020-21041: Fixed buffer overflow vulnerability via apng_do_inverse_blend in libavcodec/pngenc.c (bsc#1186406). - CVE-2019-17539: Fixed NULL pointer dereference in avcodec_open2 in libavcodec/utils.c (bsc# 1154065). - CVE-2020-22026: Fixed buffer overflow vulnerability in config_input() at libavfilter/af_tremolo.c (bsc#1186583). - CVE-2020-22021: Fixed buffer overflow vulnerability in filter_edges function in libavfilter/vf_yadif.c (bsc#1186586). - CVE-2020-22020: Fixed buffer overflow vulnerability in build_diff_map() in libavfilter/vf_fieldmatch.c (bsc#1186587). - CVE-2020-22015: Fixed buffer overflow vulnerability in mov_write_video_tag() due to the out of bounds in libavformat/movenc.c (bsc#1186596). - CVE-2020-22016: Fixed a heap-based Buffer Overflow vulnerability at libavcodec/get_bits.h when writing .mov files (bsc#1186598). - CVE-2020-22017: Fixed a heap-based Buffer Overflow vulnerability in ff_fill_rectangle() in libavfilter/drawutils.c (bsc#1186600). - CVE-2020-22022: Fixed a heap-based Buffer Overflow vulnerability in filter_frame at libavfilter/vf_fieldorder.c (bsc#1186603). - CVE-2020-22023: Fixed a heap-based Buffer Overflow vulnerability in filter_frame at libavfilter/vf_bitplanenoise.c (bsc#1186604) - CVE-2020-22025: Fixed a heap-based Buffer Overflow vulnerability in gaussian_blur at libavfilter/vf_edgedetect.c (bsc#1186605). - CVE-2020-22031: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_w3fdif.c in filter16_complex_low() (bsc#1186613). - CVE-2020-22032: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_edgedetect.c in gaussian_blur() (bsc#1186614). - CVE-2020-22034: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_floodfill.c (bsc#1186616). - CVE-2020-20451: Fixed denial of service issue due to resource management errors via fftools/cmdutils.c (bsc#1186658). - CVE-2020-20448: Fixed divide by zero issue via libavcodec/ratecontrol.c (bsc#1186660). - CVE-2020-22038: Fixed denial of service vulnerability due to a memory leak in the ff_v4l2_m2m_create_context function in v4l2_m2m.c (bsc#1186757). - CVE-2020-22039: Fixed denial of service vulnerability due to a memory leak in the inavi_add_ientry function (bsc#1186758). - CVE-2020-22043: Fixed denial of service vulnerability due to a memory leak at the fifo_alloc_common function in libavutil/fifo.c (bsc#1186762). - CVE-2020-22044: Fixed denial of service vulnerability due to a memory leak in the url_open_dyn_buf_internal function in libavformat/aviobuf.c (bsc#1186763). - CVE-2020-22033,CVE-2020-22019: Fixed a heap-based Buffer Overflow Vulnerability at libavfilter/vf_vmafmotion.c in convolution_y_8bit() and in convolution_y_10bit() in libavfilter/vf_vmafmotion.c (bsc#1186615, bsc#1186597).
Family:unixClass:patch
Status:Reference(s):1172640
1174230
1176384
1176756
1176899
1177977
1186406
1186583
1186586
1186587
1186596
1186597
1186598
1186600
1186603
1186604
1186605
1186613
1186614
1186615
1186616
1186658
1186660
1186757
1186758
1186762
1186763
CVE-2005-4900
CVE-2014-3970
CVE-2016-10128
CVE-2016-10129
CVE-2016-10130
CVE-2016-8568
CVE-2016-8569
CVE-2017-5338
CVE-2017-5339
CVE-2018-8098
CVE-2018-8099
CVE-2019-17539
CVE-2020-13904
CVE-2020-15673
CVE-2020-15673
CVE-2020-15676
CVE-2020-15676
CVE-2020-15677
CVE-2020-15677
CVE-2020-15678
CVE-2020-15678
CVE-2020-15683
CVE-2020-15683
CVE-2020-15969
CVE-2020-15969
CVE-2020-20448
CVE-2020-20451
CVE-2020-21041
CVE-2020-22015
CVE-2020-22016
CVE-2020-22017
CVE-2020-22019
CVE-2020-22020
CVE-2020-22021
CVE-2020-22022
CVE-2020-22023
CVE-2020-22025
CVE-2020-22026
CVE-2020-22031
CVE-2020-22032
CVE-2020-22033
CVE-2020-22034
CVE-2020-22038
CVE-2020-22039
CVE-2020-22043
CVE-2020-22044
SUSE-SU-2020:3091-1
SUSE-SU-2021:2322-1
Platform(s):SUSE Linux Enterprise Build System Kit 12
SUSE Linux Enterprise Build System Kit 12 SP1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 15
SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Module for additional PackageHub packages 15
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Module for Containers 15
SUSE Linux Enterprise Module for Containers 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Module for Development Tools 15
SUSE Linux Enterprise Module for Development Tools 15 SP1
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Public Cloud 15
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Server 11-SECURITY
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 12 SP1
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 is installed
  • AND kernel-zfcpdump-3.12.38-44 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP1 is installed
  • AND kernel-zfcpdump-3.12.53-60.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND clamav-0.98.7-13.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND rsync-3.1.0-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • NetworkManager-1.0.12-8 is installed
  • OR NetworkManager-lang-1.0.12-8 is installed
  • OR libnm-glib-vpn1-1.0.12-8 is installed
  • OR libnm-glib4-1.0.12-8 is installed
  • OR libnm-util2-1.0.12-8 is installed
  • OR libnm0-1.0.12-8 is installed
  • OR typelib-1_0-NM-1_0-1.0.12-8 is installed
  • OR typelib-1_0-NMClient-1_0-1.0.12-8 is installed
  • OR typelib-1_0-NetworkManager-1_0-1.0.12-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • aaa_base-13.2+git20140911.61c1681-36 is installed
  • OR aaa_base-extras-13.2+git20140911.61c1681-36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 is installed
  • AND Package Information
  • libgit2-26-0.26.3-1.26 is installed
  • OR libgit2-devel-0.26.3-1.26 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP3 is installed
  • AND Package Information
  • libavcodec-devel-3.4.2-11.3.1 is installed
  • OR libavformat-devel-3.4.2-11.3.1 is installed
  • OR libavresample-devel-3.4.2-11.3.1 is installed
  • OR libavresample3-3.4.2-11.3.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.4.21-69 is installed
  • OR cluster-network-kmp-default-4.4.21-69 is installed
  • OR dlm-kmp-default-4.4.21-69 is installed
  • OR gfs2-kmp-default-4.4.21-69 is installed
  • OR ocfs2-kmp-default-4.4.21-69 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND haproxy-1.6.11-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 is installed
  • AND Package Information
  • kgraft-patch-3_12_59-60_45-default-2-2.2 is installed
  • OR kgraft-patch-3_12_59-60_45-xen-2-2.2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_6-2-2.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-javadoc-1.8.0.212-3.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • mozilla-nspr-4.25.1-3.15 is installed
  • OR mozilla-nspr-32bit-4.25.1-3.15 is installed
  • OR mozilla-nspr-devel-4.25.1-3.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • libvpx-1.6.1-6.6 is installed
  • OR libvpx4-1.6.1-6.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 12 is installed
  • AND python-PyYAML-3.10-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 15 is installed
  • AND Package Information
  • containerd-1.2.2-5.9 is installed
  • OR docker-18.09.1_ce-6.14 is installed
  • OR docker-bash-completion-18.09.1_ce-6.14 is installed
  • OR docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9 is installed
  • OR docker-runc-1.0.0rc6+gitr3748_96ec2177ae84-6.12 is installed
  • OR golang-github-docker-libnetwork-0.7.0.1+gitr2711_2cfbf9b1f981-4.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 15 SP1 is installed
  • AND Package Information
  • containerd-1.2.13-5.22 is installed
  • OR docker-19.03.11_ce-6.34 is installed
  • OR docker-bash-completion-19.03.11_ce-6.34 is installed
  • OR docker-libnetwork-0.7.0.1+gitr2902_153d0769a118-4.21 is installed
  • OR docker-runc-1.0.0rc10+gitr3981_dc9208a3303f-6.38 is installed
  • OR golang-github-docker-libnetwork-0.7.0.1+gitr2902_153d0769a118-4.21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 is installed
  • AND Package Information
  • libtiff5-32bit-4.0.9-5.9 is installed
  • OR tiff-4.0.9-5.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • libjpeg-turbo-1.5.3-5.12 is installed
  • OR libjpeg8-32bit-8.1.2-5.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 is installed
  • AND Package Information
  • ImageMagick-7.0.7.34-3.14 is installed
  • OR perl-PerlMagick-7.0.7.34-3.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND Package Information
  • kernel-docs-4.12.14-197.4 is installed
  • OR kernel-obs-build-4.12.14-197.4 is installed
  • OR kernel-source-4.12.14-197.4 is installed
  • OR kernel-syms-4.12.14-197.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 12 is installed
  • AND Package Information
  • libopenssl0_9_8-0.9.8j-59 is installed
  • OR libopenssl0_9_8-32bit-0.9.8j-59 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.171-3.3 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.171-3.3 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.171-3.3 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.171-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_3-default-5-2 is installed
  • OR kernel-livepatch-SLE15_Update_1-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.25 is installed
  • OR kernel-default-base-4.12.14-25.25 is installed
  • OR kernel-docs-4.12.14-25.25 is installed
  • OR kernel-docs-html-4.12.14-25.25 is installed
  • OR kernel-obs-qa-4.12.14-25.25 is installed
  • OR kselftests-kmp-default-4.12.14-25.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • bzip2-1.0.6-5.3 is installed
  • OR bzip2-doc-1.0.6-5.3 is installed
  • OR libbz2-devel-32bit-1.0.6-5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 is installed
  • AND Package Information
  • kernel-azure-4.12.14-5.19 is installed
  • OR kernel-azure-base-4.12.14-5.19 is installed
  • OR kernel-azure-devel-4.12.14-5.19 is installed
  • OR kernel-devel-azure-4.12.14-5.19 is installed
  • OR kernel-source-azure-4.12.14-5.19 is installed
  • OR kernel-syms-azure-4.12.14-5.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 12 is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.1-2 is installed
  • OR python3-base-3.4.1-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • MozillaFirefox-31.1.0esr-1 is installed
  • OR MozillaFirefox-translations-31.1.0esr-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • guestfs-data-1.32.4-14 is installed
  • OR guestfs-tools-1.32.4-14 is installed
  • OR guestfsd-1.32.4-14 is installed
  • OR libguestfs0-1.32.4-14 is installed
  • OR perl-Sys-Guestfs-1.32.4-14 is installed
  • OR python-libguestfs-1.32.4-14 is installed
  • OR virt-p2v-1.32.4-14 is installed
  • OR virt-v2v-1.32.4-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libXxf86vm1-1.1.3-3.54 is installed
  • OR libXxf86vm1-32bit-1.1.3-3.54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND libfreetype6-2.6.3-7.8.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND lua-devel-5.2.2-4.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.3 is installed
  • OR libvncclient0-0.9.10-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • pulseaudio-module-bluetooth-11.1-4 is installed
  • OR pulseaudio-module-lirc-11.1-4 is installed
    • BACK