OVAL Reference oval:org.opensuse.security:def:68525

Oval Definition:

oval:org.opensuse.security:def:68525

Revision Date:	2021-09-02	Version:	1
Title:	Security update for ffmpeg (Important)
Description:	This update for ffmpeg fixes the following issues: - CVE-2019-9721: Fix denial of service in the subtitle decoder in handle_open_brace from libavcodec/htmlsubtitles.c (bsc#1129714). - CVE-2020-22046: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c (bsc#1186849). - CVE-2020-22048: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_frame_pool_get function in framepool.c (bsc#1186859). - CVE-2020-22049: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the wtvfile_open_sector function in wtvdec.c (bsc#1186861). - CVE-2020-22054: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c (bsc#1186863). - CVE-2020-21688: Fixed a heap-use-after-free in the av_freep function in libavutil/mem.c (bsc#1189348). - CVE-2020-21697: Fixed a heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c (bsc#1189350). - CVE-2021-38114: Fixed a not checked return value of the init_vlc function (bsc#1189142).
Family:	unix	Class:	patch
Status:		Reference(s):	1103320 1129714 1146569 1146571 1146572 1146702 1154036 1154037 1186849 1186859 1186861 1186863 1189142 1189348 1189350 CVE-2019-15142 CVE-2019-15143 CVE-2019-15144 CVE-2019-15145 CVE-2019-17594 CVE-2019-17595 CVE-2019-9721 CVE-2020-21688 CVE-2020-21697 CVE-2020-22046 CVE-2020-22048 CVE-2020-22049 CVE-2020-22054 CVE-2021-38114 SUSE-SU-2019:2452-1 SUSE-SU-2019:2997-1 SUSE-SU-2021:2919-1
Platform(s):	SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1	Product(s):
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information djvulibre-3.5.27-3.3 is installed OR libdjvulibre-devel-3.5.27-3.3 is installed OR libdjvulibre21-3.5.27-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND Package Information ncurses-6.1-5.6 is installed OR ncurses-devel-32bit-6.1-5.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed AND Package Information ffmpeg-3.4.2-11.8.2 is installed OR libavdevice57-3.4.2-11.8.2 is installed OR libavfilter6-3.4.2-11.8.2 is installed

BACK