Oval Definition:oval:org.opensuse.security:def:70787
Revision Date:2021-07-14Version:1
Title:Security update for ffmpeg (Important)
Description:

This update for ffmpeg fixes the following issues:

- CVE-2020-13904: Fixed use-after-free via a crafted EXTINF duration in an m3u8 file (bsc#1172640). - CVE-2020-21041: Fixed buffer overflow vulnerability via apng_do_inverse_blend in libavcodec/pngenc.c (bsc#1186406). - CVE-2019-17539: Fixed NULL pointer dereference in avcodec_open2 in libavcodec/utils.c (bsc# 1154065). - CVE-2020-22026: Fixed buffer overflow vulnerability in config_input() at libavfilter/af_tremolo.c (bsc#1186583). - CVE-2020-22021: Fixed buffer overflow vulnerability in filter_edges function in libavfilter/vf_yadif.c (bsc#1186586). - CVE-2020-22020: Fixed buffer overflow vulnerability in build_diff_map() in libavfilter/vf_fieldmatch.c (bsc#1186587). - CVE-2020-22015: Fixed buffer overflow vulnerability in mov_write_video_tag() due to the out of bounds in libavformat/movenc.c (bsc#1186596). - CVE-2020-22016: Fixed a heap-based Buffer Overflow vulnerability at libavcodec/get_bits.h when writing .mov files (bsc#1186598). - CVE-2020-22017: Fixed a heap-based Buffer Overflow vulnerability in ff_fill_rectangle() in libavfilter/drawutils.c (bsc#1186600). - CVE-2020-22022: Fixed a heap-based Buffer Overflow vulnerability in filter_frame at libavfilter/vf_fieldorder.c (bsc#1186603). - CVE-2020-22023: Fixed a heap-based Buffer Overflow vulnerability in filter_frame at libavfilter/vf_bitplanenoise.c (bsc#1186604) - CVE-2020-22025: Fixed a heap-based Buffer Overflow vulnerability in gaussian_blur at libavfilter/vf_edgedetect.c (bsc#1186605). - CVE-2020-22031: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_w3fdif.c in filter16_complex_low() (bsc#1186613). - CVE-2020-22032: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_edgedetect.c in gaussian_blur() (bsc#1186614). - CVE-2020-22034: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_floodfill.c (bsc#1186616). - CVE-2020-20451: Fixed denial of service issue due to resource management errors via fftools/cmdutils.c (bsc#1186658). - CVE-2020-20448: Fixed divide by zero issue via libavcodec/ratecontrol.c (bsc#1186660). - CVE-2020-22038: Fixed denial of service vulnerability due to a memory leak in the ff_v4l2_m2m_create_context function in v4l2_m2m.c (bsc#1186757). - CVE-2020-22039: Fixed denial of service vulnerability due to a memory leak in the inavi_add_ientry function (bsc#1186758). - CVE-2020-22043: Fixed denial of service vulnerability due to a memory leak at the fifo_alloc_common function in libavutil/fifo.c (bsc#1186762). - CVE-2020-22044: Fixed denial of service vulnerability due to a memory leak in the url_open_dyn_buf_internal function in libavformat/aviobuf.c (bsc#1186763). - CVE-2020-22033,CVE-2020-22019: Fixed a heap-based Buffer Overflow Vulnerability at libavfilter/vf_vmafmotion.c in convolution_y_8bit() and in convolution_y_10bit() in libavfilter/vf_vmafmotion.c (bsc#1186615, bsc#1186597).
Family:unixClass:patch
Status:Reference(s):1172640
1174091
1186406
1186583
1186586
1186587
1186596
1186597
1186598
1186600
1186603
1186604
1186605
1186613
1186614
1186615
1186616
1186658
1186660
1186757
1186758
1186762
1186763
CVE-2013-2877
CVE-2014-0191
CVE-2015-1819
CVE-2015-5312
CVE-2015-7497
CVE-2015-7498
CVE-2015-7499
CVE-2015-7500
CVE-2015-7941
CVE-2015-7942
CVE-2015-7995
CVE-2015-8035
CVE-2015-8241
CVE-2015-8242
CVE-2015-8317
CVE-2016-4658
CVE-2016-4738
CVE-2016-5131
CVE-2017-15412
CVE-2017-5029
CVE-2019-17539
CVE-2019-20907
CVE-2020-13904
CVE-2020-20448
CVE-2020-20451
CVE-2020-21041
CVE-2020-22015
CVE-2020-22016
CVE-2020-22017
CVE-2020-22019
CVE-2020-22020
CVE-2020-22021
CVE-2020-22022
CVE-2020-22023
CVE-2020-22025
CVE-2020-22026
CVE-2020-22031
CVE-2020-22032
CVE-2020-22033
CVE-2020-22034
CVE-2020-22038
CVE-2020-22039
CVE-2020-22043
CVE-2020-22044
SUSE-SU-2020:2276-1
SUSE-SU-2021:2322-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise Module for Python2 packages 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Workstation Extension 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND ruby2.5-rubygem-nokogiri-1.8.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Python2 packages 15 SP2 is installed
  • AND Package Information
  • python-2.7.17-7.41 is installed
  • OR python-base-2.7.17-7.41 is installed
  • OR python-curses-2.7.17-7.41 is installed
  • OR python-devel-2.7.17-7.41 is installed
  • OR python-gdbm-2.7.17-7.41 is installed
  • OR python-xml-2.7.17-7.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • libavcodec-devel-3.4.2-11.3.1 is installed
  • OR libavformat-devel-3.4.2-11.3.1 is installed
  • OR libavresample-devel-3.4.2-11.3.1 is installed
  • OR libavresample3-3.4.2-11.3.1 is installed
    • BACK