Oval Definition:oval:org.opensuse.security:def:1777
Revision Date:2021-09-02Version:1
Title:Security update for ffmpeg (Important)
Description:

This update for ffmpeg fixes the following issues:

- CVE-2019-9721: Fix denial of service in the subtitle decoder in handle_open_brace from libavcodec/htmlsubtitles.c (bsc#1129714). - CVE-2020-22046: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c (bsc#1186849). - CVE-2020-22048: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_frame_pool_get function in framepool.c (bsc#1186859). - CVE-2020-22049: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the wtvfile_open_sector function in wtvdec.c (bsc#1186861). - CVE-2020-22054: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c (bsc#1186863). - CVE-2020-21688: Fixed a heap-use-after-free in the av_freep function in libavutil/mem.c (bsc#1189348). - CVE-2020-21697: Fixed a heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c (bsc#1189350). - CVE-2021-38114: Fixed a not checked return value of the init_vlc function (bsc#1189142).
Family:unixClass:patch
Status:Reference(s):1082023
1129714
1135114
1149792
1154804
1154805
1155198
1155205
1155298
1155678
1155819
1156158
1157377
1158667
1158763
1158785
1158787
1158788
1158789
1158790
1158791
1158792
1158793
1158795
1160790
1161088
1161089
1161167
1161670
1162202
1162675
1186849
1186859
1186861
1186863
1189142
1189348
1189350
CVE-2012-1616
CVE-2015-1545
CVE-2015-1546
CVE-2015-6908
CVE-2019-1348
CVE-2019-1349
CVE-2019-1350
CVE-2019-1351
CVE-2019-1352
CVE-2019-1353
CVE-2019-1354
CVE-2019-1387
CVE-2019-16785
CVE-2019-16785
CVE-2019-16786
CVE-2019-16786
CVE-2019-16789
CVE-2019-16789
CVE-2019-16792
CVE-2019-16792
CVE-2019-18634
CVE-2019-18900
CVE-2019-19604
CVE-2019-9721
CVE-2020-0569
CVE-2020-21688
CVE-2020-21697
CVE-2020-22046
CVE-2020-22048
CVE-2020-22049
CVE-2020-22054
CVE-2021-38114
SUSE-SU-2020:0045-1
SUSE-SU-2020:0346-1
SUSE-SU-2020:0408-1
SUSE-SU-2020:0432-1
SUSE-SU-2020:3269-1
SUSE-SU-2021:2919-1
Platform(s):SUSE Linux Enterprise Build System Kit 12
SUSE Linux Enterprise Build System Kit 12 SP1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 15
SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Module for additional PackageHub packages 15
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for CAP 15 SP1
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Module for Containers 15
SUSE Linux Enterprise Module for Containers 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15
SUSE Linux Enterprise Module for Development Tools 15
SUSE Linux Enterprise Module for Development Tools 15 SP1
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Public Cloud 15
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Toolchain 12
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 12 SP1
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE Linux Enterprise Workstation Extension 15 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 is installed
  • AND kernel-zfcpdump-3.12.36-38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP1 is installed
  • AND kernel-zfcpdump-3.12.51-60.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND perl-YAML-LibYAML-0.38-10.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • strongswan-5.1.3-18 is installed
  • OR strongswan-doc-5.1.3-18 is installed
  • OR strongswan-ipsec-5.1.3-18 is installed
  • OR strongswan-libs0-5.1.3-18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-33 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-33 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-33 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-33 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 is installed
  • AND openldap2-devel-32bit-2.4.46-7.10 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP3 is installed
  • AND Package Information
  • libavcodec-devel-3.4.2-11.8.2 is installed
  • OR libavformat-devel-3.4.2-11.8.2 is installed
  • OR libavresample-devel-3.4.2-11.8.2 is installed
  • OR libavresample3-3.4.2-11.8.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND lighttpd-1.4.35-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND ctdb-4.6.5+git.27.6afd48b1083-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 is installed
  • AND Package Information
  • kgraft-patch-3_12_59-60_45-default-3-2.1 is installed
  • OR kgraft-patch-3_12_59-60_45-xen-3-2.1 is installed
  • OR kgraft-patch-SLE12-SP1_Update_6-3-2.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.201-3.16 is installed
  • OR java-1_8_0-openjdk-javadoc-1.8.0.201-3.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • python-waitress-1.4.3-3.3 is installed
  • OR python3-waitress-1.4.3-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • libvpx-1.6.1-6.6 is installed
  • OR libvpx4-1.6.1-6.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for CAP 15 SP1 is installed
  • AND cf-cli-6.43.0-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 12 is installed
  • AND docker-1.6.2-31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 15 is installed
  • AND Package Information
  • docker-18.09.6_ce-6.20 is installed
  • OR docker-bash-completion-18.09.6_ce-6.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 15 SP1 is installed
  • AND docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 is installed
  • AND Package Information
  • libmodplug-devel-0.3.9-3.3 is installed
  • OR libmodplug1-0.3.9-3.3 is installed
  • OR libopenmpt-0.3.9-3.3 is installed
  • OR libopenmpt-devel-0.3.9-3.3 is installed
  • OR libopenmpt0-0.3.9-3.3 is installed
  • OR libopenmpt_modplug1-0.3.9-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 is installed
  • AND mercurial-4.5.2-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND Package Information
  • graphviz-addons-2.40.1-6.3 is installed
  • OR graphviz-perl-2.40.1-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.171-3.3 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.171-3.3 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.171-3.3 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.171-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-23-default-6-16 is installed
  • OR kernel-livepatch-SLE15_Update_0-6-16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • binutils-2.31-6.3 is installed
  • OR binutils-gold-2.31-6.3 is installed
  • OR cross-arm-binutils-2.31-6.3 is installed
  • OR cross-avr-binutils-2.31-6.3 is installed
  • OR cross-epiphany-binutils-2.31-6.3 is installed
  • OR cross-hppa-binutils-2.31-6.3 is installed
  • OR cross-hppa64-binutils-2.31-6.3 is installed
  • OR cross-i386-binutils-2.31-6.3 is installed
  • OR cross-ia64-binutils-2.31-6.3 is installed
  • OR cross-m68k-binutils-2.31-6.3 is installed
  • OR cross-mips-binutils-2.31-6.3 is installed
  • OR cross-ppc-binutils-2.31-6.3 is installed
  • OR cross-ppc64-binutils-2.31-6.3 is installed
  • OR cross-riscv64-binutils-2.31-6.3 is installed
  • OR cross-rx-binutils-2.31-6.3 is installed
  • OR cross-s390-binutils-2.31-6.3 is installed
  • OR cross-sparc-binutils-2.31-6.3 is installed
  • OR cross-sparc64-binutils-2.31-6.3 is installed
  • OR cross-spu-binutils-2.31-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-accessibility-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-javadoc-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-src-1.8.0.212-3.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 is installed
  • AND Package Information
  • kernel-azure-4.12.14-5.27 is installed
  • OR kernel-azure-base-4.12.14-5.27 is installed
  • OR kernel-azure-devel-4.12.14-5.27 is installed
  • OR kernel-devel-azure-4.12.14-5.27 is installed
  • OR kernel-source-azure-4.12.14-5.27 is installed
  • OR kernel-syms-azure-4.12.14-5.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • util-linux-systemd-2.31.1-9.3 is installed
  • OR uuidd-2.31.1-9.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Toolchain 12 is installed
  • AND Package Information
  • cpp5-5.3.1+r233831-9 is installed
  • OR gcc5-5.3.1+r233831-9 is installed
  • OR gcc5-c++-5.3.1+r233831-9 is installed
  • OR gcc5-fortran-5.3.1+r233831-9 is installed
  • OR gcc5-info-5.3.1+r233831-9 is installed
  • OR gcc5-locale-5.3.1+r233831-9 is installed
  • OR libffi-devel-gcc5-5.3.1+r233831-9 is installed
  • OR libstdc++6-devel-gcc5-5.3.1+r233831-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 12 is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.1-2 is installed
  • OR python3-base-3.4.1-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND ant-1.9.4-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND ipsec-tools-0.8.0-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND libcares2-1.9.1-5.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND Package Information
  • libhivex0-1.3.10-4.1 is installed
  • OR perl-Win-Hivex-1.3.10-4.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND osc-0.148.1-1.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • MozillaThunderbird-60.7.0-3.36 is installed
  • OR MozillaThunderbird-translations-common-60.7.0-3.36 is installed
  • OR MozillaThunderbird-translations-other-60.7.0-3.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND argyllcms-1.9.2-2 is installed
    • BACK