Oval Definition:oval:org.opensuse.security:def:68525
Revision Date:2021-09-02Version:1
Title:Security update for ffmpeg (Important)
Description:

This update for ffmpeg fixes the following issues:

- CVE-2019-9721: Fix denial of service in the subtitle decoder in handle_open_brace from libavcodec/htmlsubtitles.c (bsc#1129714). - CVE-2020-22046: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c (bsc#1186849). - CVE-2020-22048: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_frame_pool_get function in framepool.c (bsc#1186859). - CVE-2020-22049: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the wtvfile_open_sector function in wtvdec.c (bsc#1186861). - CVE-2020-22054: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c (bsc#1186863). - CVE-2020-21688: Fixed a heap-use-after-free in the av_freep function in libavutil/mem.c (bsc#1189348). - CVE-2020-21697: Fixed a heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c (bsc#1189350). - CVE-2021-38114: Fixed a not checked return value of the init_vlc function (bsc#1189142).
Family:unixClass:patch
Status:Reference(s):1103320
1129714
1146569
1146571
1146572
1146702
1154036
1154037
1186849
1186859
1186861
1186863
1189142
1189348
1189350
CVE-2019-15142
CVE-2019-15143
CVE-2019-15144
CVE-2019-15145
CVE-2019-17594
CVE-2019-17595
CVE-2019-9721
CVE-2020-21688
CVE-2020-21697
CVE-2020-22046
CVE-2020-22048
CVE-2020-22049
CVE-2020-22054
CVE-2021-38114
SUSE-SU-2019:2452-1
SUSE-SU-2019:2997-1
SUSE-SU-2021:2919-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Module for Development Tools 15 SP1
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • djvulibre-3.5.27-3.3 is installed
  • OR libdjvulibre-devel-3.5.27-3.3 is installed
  • OR libdjvulibre21-3.5.27-3.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND Package Information
  • ncurses-6.1-5.6 is installed
  • OR ncurses-devel-32bit-6.1-5.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed
  • AND Package Information
  • ffmpeg-3.4.2-11.8.2 is installed
  • OR libavdevice57-3.4.2-11.8.2 is installed
  • OR libavfilter6-3.4.2-11.8.2 is installed
  • BACK