Oval Definition:oval:org.opensuse.security:def:53761
Revision Date:2020-12-01Version:1
Title:Security update for ffmpeg (Moderate)
Description:

This update for ffmpeg fixes the following issues:

- CVE-2018-13300: An improper argument passed to the avpriv_request_sample function may have triggered an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure (bsc#1100348) - CVE-2018-15822: The flv_write_packet function did not check for an empty audio packet, leading to an assertion failure and DoS (bsc#1105869) - CVE-2018-13305: Due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service. (bsc#1100345). - CVE-2018-12458: An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c might have triggered an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service. (bsc#1097983).
Family:unixClass:patch
Status:Reference(s):1005522
1005523
1005524
1005525
1005526
1005527
1005528
1051510
1054914
1055117
1060653
1061840
1061876
1063824
1065600
1065729
1067841
1067844
1071995
1082555
1083424
1097983
1098531
1100345
1100348
1101644
1101645
1101651
1101656
1104967
1105869
1106812
1109158
1110687
1111666
1111853
1113722
1114279
1119086
1123034
1127988
1131304
1137069
1137865
1137959
1137982
1140155
1141013
1142076
1142635
1146042
1146519
1146540
1146664
1148133
1148712
1148868
1149313
1149446
1149555
1149651
1150305
1150381
1150423
1150846
1151067
1151192
1151350
1151610
1151661
1151662
1151667
1151680
1151891
1151955
1152024
1152025
1152026
1152161
1152187
1152243
1152325
1152457
1152460
1152466
1152525
1152972
1152974
1152975
867943
878345
878349
915410
982178
988651
CVE-2009-3297
CVE-2010-2242
CVE-2011-0541
CVE-2011-1146
CVE-2011-2511
CVE-2011-4600
CVE-2012-3445
CVE-2013-0170
CVE-2013-0211
CVE-2013-1962
CVE-2013-2218
CVE-2013-2230
CVE-2013-4153
CVE-2013-4154
CVE-2013-4239
CVE-2013-4296
CVE-2013-4297
CVE-2013-4311
CVE-2013-4399
CVE-2013-4400
CVE-2013-4401
CVE-2013-6436
CVE-2013-6456
CVE-2013-6457
CVE-2013-6458
CVE-2014-0028
CVE-2014-0179
CVE-2014-1447
CVE-2014-2977
CVE-2014-2978
CVE-2014-3633
CVE-2014-3657
CVE-2014-7823
CVE-2014-8131
CVE-2014-8767
CVE-2014-8768
CVE-2014-8769
CVE-2014-9087
CVE-2014-9140
CVE-2014-9512
CVE-2015-0236
CVE-2015-0261
CVE-2015-2153
CVE-2015-2154
CVE-2015-2155
CVE-2015-2304
CVE-2015-3138
CVE-2015-3202
CVE-2015-5247
CVE-2015-5313
CVE-2015-8915
CVE-2015-8916
CVE-2015-8918
CVE-2015-8919
CVE-2015-8920
CVE-2015-8921
CVE-2015-8922
CVE-2015-8923
CVE-2015-8924
CVE-2015-8925
CVE-2015-8926
CVE-2015-8928
CVE-2015-8929
CVE-2015-8930
CVE-2015-8931
CVE-2015-8932
CVE-2015-8933
CVE-2015-8934
CVE-2016-1541
CVE-2016-4300
CVE-2016-4301
CVE-2016-4302
CVE-2016-4574
CVE-2016-4579
CVE-2016-4809
CVE-2016-5118
CVE-2016-5418
CVE-2016-5542
CVE-2016-5554
CVE-2016-5556
CVE-2016-5568
CVE-2016-5573
CVE-2016-5582
CVE-2016-5597
CVE-2016-5844
CVE-2016-6250
CVE-2016-7922
CVE-2016-7923
CVE-2016-7924
CVE-2016-7925
CVE-2016-7926
CVE-2016-7927
CVE-2016-7928
CVE-2016-7929
CVE-2016-7930
CVE-2016-7931
CVE-2016-7932
CVE-2016-7933
CVE-2016-7934
CVE-2016-7935
CVE-2016-7936
CVE-2016-7937
CVE-2016-7938
CVE-2016-7939
CVE-2016-7940
CVE-2016-7973
CVE-2016-7974
CVE-2016-7975
CVE-2016-7983
CVE-2016-7984
CVE-2016-7985
CVE-2016-7986
CVE-2016-7992
CVE-2016-7993
CVE-2016-8574
CVE-2016-8575
CVE-2016-8687
CVE-2016-8688
CVE-2016-8689
CVE-2017-1000254
CVE-2017-1000256
CVE-2017-1000257
CVE-2017-11108
CVE-2017-11541
CVE-2017-11542
CVE-2017-11543
CVE-2017-12893
CVE-2017-12894
CVE-2017-12895
CVE-2017-12896
CVE-2017-12897
CVE-2017-12898
CVE-2017-12899
CVE-2017-12900
CVE-2017-12901
CVE-2017-12902
CVE-2017-12985
CVE-2017-12986
CVE-2017-12987
CVE-2017-12988
CVE-2017-12989
CVE-2017-12990
CVE-2017-12991
CVE-2017-12992
CVE-2017-12993
CVE-2017-12994
CVE-2017-12995
CVE-2017-12996
CVE-2017-12997
CVE-2017-12998
CVE-2017-12999
CVE-2017-13000
CVE-2017-13001
CVE-2017-13002
CVE-2017-13003
CVE-2017-13004
CVE-2017-13005
CVE-2017-13006
CVE-2017-13007
CVE-2017-13008
CVE-2017-13009
CVE-2017-13010
CVE-2017-13011
CVE-2017-13012
CVE-2017-13013
CVE-2017-13014
CVE-2017-13015
CVE-2017-13016
CVE-2017-13017
CVE-2017-13018
CVE-2017-13019
CVE-2017-13020
CVE-2017-13021
CVE-2017-13022
CVE-2017-13023
CVE-2017-13024
CVE-2017-13025
CVE-2017-13026
CVE-2017-13027
CVE-2017-13028
CVE-2017-13029
CVE-2017-13030
CVE-2017-13031
CVE-2017-13032
CVE-2017-13033
CVE-2017-13034
CVE-2017-13035
CVE-2017-13036
CVE-2017-13037
CVE-2017-13038
CVE-2017-13039
CVE-2017-13040
CVE-2017-13041
CVE-2017-13042
CVE-2017-13043
CVE-2017-13044
CVE-2017-13045
CVE-2017-13046
CVE-2017-13047
CVE-2017-13048
CVE-2017-13049
CVE-2017-13050
CVE-2017-13051
CVE-2017-13052
CVE-2017-13053
CVE-2017-13054
CVE-2017-13055
CVE-2017-13687
CVE-2017-13688
CVE-2017-13689
CVE-2017-13690
CVE-2017-13725
CVE-2017-15098
CVE-2017-15099
CVE-2017-18595
CVE-2017-2635
CVE-2017-5202
CVE-2017-5203
CVE-2017-5204
CVE-2017-5205
CVE-2017-5341
CVE-2017-5342
CVE-2017-5482
CVE-2017-5483
CVE-2017-5484
CVE-2017-5485
CVE-2017-5486
CVE-2017-5715
CVE-2018-1064
CVE-2018-10906
CVE-2018-12327
CVE-2018-12458
CVE-2018-13300
CVE-2018-13305
CVE-2018-15822
CVE-2018-17828
CVE-2018-2938
CVE-2018-2940
CVE-2018-2952
CVE-2018-2973
CVE-2018-3639
CVE-2018-3639
CVE-2018-5748
CVE-2018-7170
CVE-2019-14821
CVE-2019-15291
CVE-2019-9506
SUSE-SU-2015:0839-1
SUSE-SU-2016:1570-1
SUSE-SU-2016:2151-1
SUSE-SU-2016:2887-1
SUSE-SU-2017:2831-1
SUSE-SU-2017:3391-1
SUSE-SU-2018:3064-1
SUSE-SU-2018:3342-1
SUSE-SU-2018:3379-1
SUSE-SU-2018:3609-1
SUSE-SU-2019:2710-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • MozillaFirefox-60.0-lp150.2 is installed
  • OR MozillaFirefox-translations-common-60.0-lp150.2 is installed
  • OR MozillaFirefox-translations-other-60.0-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libpng16-1.6.34-lp151.3.3 is installed
  • OR libpng16-16-1.6.34-lp151.3.3 is installed
  • OR libpng16-16-32bit-1.6.34-lp151.3.3 is installed
  • OR libpng16-compat-devel-1.6.34-lp151.3.3 is installed
  • OR libpng16-compat-devel-32bit-1.6.34-lp151.3.3 is installed
  • OR libpng16-devel-1.6.34-lp151.3.3 is installed
  • OR libpng16-devel-32bit-1.6.34-lp151.3.3 is installed
  • OR libpng16-tools-1.6.34-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • MozillaFirefox-17.0.9esr-0.3 is installed
  • OR MozillaFirefox-translations-17.0.9esr-0.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • finch-2.6.6-0.23 is installed
  • OR libpurple-2.6.6-0.23 is installed
  • OR libpurple-lang-2.6.6-0.23 is installed
  • OR libpurple-meanwhile-2.6.6-0.23 is installed
  • OR libpurple-tcl-2.6.6-0.23 is installed
  • OR pidgin-2.6.6-0.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • MozillaFirefox-38.3.0esr-22 is installed
  • OR MozillaFirefox-translations-38.3.0esr-22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • DirectFB-1.7.1-4 is installed
  • OR lib++dfb-1_7-1-1.7.1-4 is installed
  • OR libdirectfb-1_7-1-1.7.1-4 is installed
  • OR libdirectfb-1_7-1-32bit-1.7.1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND rsync-3.1.0-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.111-17 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.111-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • curl-7.37.0-37.8 is installed
  • OR libcurl4-7.37.0-37.8 is installed
  • OR libcurl4-32bit-7.37.0-37.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • fuse-2.9.3-6.3 is installed
  • OR libfuse2-2.9.3-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND busybox-1.21.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_67-60_64_24-default-11-2 is installed
  • OR kgraft-patch-3_12_67-60_64_24-xen-11-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_11-11-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND hardlink-1.0-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.212-27.32 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.212-27.32 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.212-27.32 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.212-27.32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_85-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_23-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_32-default-9-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_11-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • dovecot22-2.2.30.2-14 is installed
  • OR dovecot22-backend-mysql-2.2.30.2-14 is installed
  • OR dovecot22-backend-pgsql-2.2.30.2-14 is installed
  • OR dovecot22-backend-sqlite-2.2.30.2-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libvirt-3.3.0-5.40 is installed
  • OR libvirt-admin-3.3.0-5.40 is installed
  • OR libvirt-client-3.3.0-5.40 is installed
  • OR libvirt-daemon-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-hooks-3.3.0-5.40 is installed
  • OR libvirt-daemon-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-xen-3.3.0-5.40 is installed
  • OR libvirt-doc-3.3.0-5.40 is installed
  • OR libvirt-libs-3.3.0-5.40 is installed
  • OR libvirt-lock-sanlock-3.3.0-5.40 is installed
  • OR libvirt-nss-3.3.0-5.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-68.1.0-109.89 is installed
  • OR MozillaFirefox-branding-SLE-68-32.8 is installed
  • OR MozillaFirefox-translations-common-68.1.0-109.89 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_140-94_42-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_15-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • curl-7.37.0-37.31 is installed
  • OR libcurl4-7.37.0-37.31 is installed
  • OR libcurl4-32bit-7.37.0-37.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND davfs2-1.5.2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • ffmpeg-3.4.2-4.12 is installed
  • OR libavcodec-devel-3.4.2-4.12 is installed
  • OR libavformat-devel-3.4.2-4.12 is installed
  • OR libavformat57-3.4.2-4.12 is installed
  • OR libavresample-devel-3.4.2-4.12 is installed
  • OR libavresample3-3.4.2-4.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.21 is installed
  • OR kernel-default-extra-4.12.14-197.21 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • xen-4.5.5_16-22.28 is installed
  • OR xen-doc-html-4.5.5_16-22.28 is installed
  • OR xen-kmp-default-4.5.5_16_k3.12.74_60.64.57-22.28 is installed
  • OR xen-libs-4.5.5_16-22.28 is installed
  • OR xen-libs-32bit-4.5.5_16-22.28 is installed
  • OR xen-tools-4.5.5_16-22.28 is installed
  • OR xen-tools-domU-4.5.5_16-22.28 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • ansible-2.2.3.0-5 is installed
  • OR monasca-installer-20170912_10.45-5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • postgresql96-9.6.15-3.29 is installed
  • OR postgresql96-contrib-9.6.15-3.29 is installed
  • OR postgresql96-docs-9.6.15-3.29 is installed
  • OR postgresql96-libs-9.6.15-3.29 is installed
  • OR postgresql96-plperl-9.6.15-3.29 is installed
  • OR postgresql96-plpython-9.6.15-3.29 is installed
  • OR postgresql96-pltcl-9.6.15-3.29 is installed
  • OR postgresql96-server-9.6.15-3.29 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-urllib3-1.22-5.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-Twisted-15.2.1-9.8 is installed
    • BACK