Oval Definition:oval:org.opensuse.security:def:92982
Revision Date:2021-09-02Version:1
Title:Security update for ffmpeg (Important)
Description:

This update for ffmpeg fixes the following issues:

- CVE-2019-9721: Fixed a denial of service in the subtitle decoder in handle_open_brace from libavcodec/htmlsubtitles.c (bsc#1129714). - CVE-2020-22046: Fixed a denial of service vulnerability due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c (bsc#1186849). - CVE-2020-22048: Fixed a denial of service vulnerability due to a memory leak in the ff_frame_pool_get function in framepool.c (bsc#1186859). - CVE-2020-22049: Fixed a denial of service vulnerability caused by a memory leak in the wtvfile_open_sector function in wtvdec.c (bsc#1186861). - CVE-2020-22054: Fixed a denial of service vulnerability due to a memory leak in the av_dict_set function in dict.c (bsc#1186863). - CVE-2020-13904: Fixed use-after-free via a crafted EXTINF duration in an m3u8 file (bsc#1172640). - CVE-2020-21041: Fixed buffer overflow vulnerability via apng_do_inverse_blend in libavcodec/pngenc.c (bsc#1186406). - CVE-2019-17539: Fixed NULL pointer dereference in avcodec_open2 in libavcodec/utils.c (bsc# 1154065). - CVE-2020-22026: Fixed buffer overflow vulnerability in config_input() at libavfilter/af_tremolo.c (bsc#1186583). - CVE-2020-22021: Fixed buffer overflow vulnerability in filter_edges function in libavfilter/vf_yadif.c (bsc#1186586). - CVE-2020-22020: Fixed buffer overflow vulnerability in build_diff_map() in libavfilter/vf_fieldmatch.c (bsc#1186587). - CVE-2020-22015: Fixed buffer overflow vulnerability in mov_write_video_tag() due to the out of bounds in libavformat/movenc.c (bsc#1186596). - CVE-2020-22016: Fixed a heap-based Buffer Overflow vulnerability at libavcodec/get_bits.h when writing .mov files (bsc#1186598). - CVE-2020-22017: Fixed a heap-based Buffer Overflow vulnerability in ff_fill_rectangle() in libavfilter/drawutils.c (bsc#1186600). - CVE-2020-22022: Fixed a heap-based Buffer Overflow vulnerability in filter_frame at libavfilter/vf_fieldorder.c (bsc#1186603). - CVE-2020-22023: Fixed a heap-based Buffer Overflow vulnerability in filter_frame at libavfilter/vf_bitplanenoise.c (bsc#1186604) - CVE-2020-22025: Fixed a heap-based Buffer Overflow vulnerability in gaussian_blur at libavfilter/vf_edgedetect.c (bsc#1186605). - CVE-2020-22031: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_w3fdif.c in filter16_complex_low() (bsc#1186613). - CVE-2020-22032: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_edgedetect.c in gaussian_blur() (bsc#1186614). - CVE-2020-22034: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_floodfill.c (bsc#1186616). - CVE-2020-20451: Fixed denial of service issue due to resource management errors via fftools/cmdutils.c (bsc#1186658). - CVE-2020-20448: Fixed divide by zero issue via libavcodec/ratecontrol.c (bsc#1186660). - CVE-2020-22038: Fixed denial of service vulnerability due to a memory leak in the ff_v4l2_m2m_create_context function in v4l2_m2m.c (bsc#1186757). - CVE-2020-22039: Fixed denial of service vulnerability due to a memory leak in the inavi_add_ientry function (bsc#1186758). - CVE-2020-22043: Fixed denial of service vulnerability due to a memory leak at the fifo_alloc_common function in libavutil/fifo.c (bsc#1186762). - CVE-2020-22044: Fixed denial of service vulnerability due to a memory leak in the url_open_dyn_buf_internal function in libavformat/aviobuf.c (bsc#1186763). - CVE-2020-22033,CVE-2020-22019: Fixed a heap-based Buffer Overflow Vulnerability at libavfilter/vf_vmafmotion.c in convolution_y_8bit() and in convolution_y_10bit() in libavfilter/vf_vmafmotion.c (bsc#1186615, bsc#1186597). - CVE-2020-21688: Fixed a heap-use-after-free in the av_freep function in libavutil/mem.c (bsc#1189348). - CVE-2020-21697: Fixed a heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c (bsc#1189350). - CVE-2021-38114: Fixed a not checked return value of the init_vlc function (bsc#1189142).
Family:unixClass:patch
Status:Reference(s):1129714
1172640
1186406
1186583
1186586
1186587
1186596
1186597
1186598
1186600
1186603
1186604
1186605
1186613
1186614
1186615
1186616
1186658
1186660
1186757
1186758
1186762
1186763
1186849
1186859
1186861
1186863
1189142
1189348
1189350
CVE-2019-17539
CVE-2019-9721
CVE-2020-13904
CVE-2020-20448
CVE-2020-20451
CVE-2020-21041
CVE-2020-21688
CVE-2020-21697
CVE-2020-22015
CVE-2020-22016
CVE-2020-22017
CVE-2020-22019
CVE-2020-22020
CVE-2020-22021
CVE-2020-22022
CVE-2020-22023
CVE-2020-22025
CVE-2020-22026
CVE-2020-22031
CVE-2020-22032
CVE-2020-22033
CVE-2020-22034
CVE-2020-22038
CVE-2020-22039
CVE-2020-22043
CVE-2020-22044
CVE-2020-22046
CVE-2020-22048
CVE-2020-22049
CVE-2020-22054
CVE-2021-38114
SUSE-SU-2021:2929-1
Platform(s):SUSE Manager Proxy 4.0
Product(s):
Definition Synopsis
  • SUSE Manager Proxy 4.0 is installed
  • AND Package Information
  • libavcodec-devel-3.4.2-4.34.2 is installed
  • OR libavcodec57-3.4.2-4.34.2 is installed
  • OR libavcodec57-32bit-3.4.2-4.34.2 is installed
  • OR libavdevice-devel-3.4.2-4.34.2 is installed
  • OR libavdevice57-3.4.2-4.34.2 is installed
  • OR libavdevice57-32bit-3.4.2-4.34.2 is installed
  • OR libavfilter-devel-3.4.2-4.34.2 is installed
  • OR libavfilter6-3.4.2-4.34.2 is installed
  • OR libavfilter6-32bit-3.4.2-4.34.2 is installed
  • OR libavformat-devel-3.4.2-4.34.2 is installed
  • OR libavformat57-3.4.2-4.34.2 is installed
  • OR libavformat57-32bit-3.4.2-4.34.2 is installed
  • OR libavresample-devel-3.4.2-4.34.2 is installed
  • OR libavresample3-3.4.2-4.34.2 is installed
  • OR libavresample3-32bit-3.4.2-4.34.2 is installed
  • OR libavutil-devel-3.4.2-4.34.2 is installed
  • OR libavutil55-3.4.2-4.34.2 is installed
  • OR libavutil55-32bit-3.4.2-4.34.2 is installed
  • OR libpostproc-devel-3.4.2-4.34.2 is installed
  • OR libpostproc54-3.4.2-4.34.2 is installed
  • OR libpostproc54-32bit-3.4.2-4.34.2 is installed
  • OR libswresample-devel-3.4.2-4.34.2 is installed
  • OR libswresample2-3.4.2-4.34.2 is installed
  • OR libswresample2-32bit-3.4.2-4.34.2 is installed
  • OR libswscale-devel-3.4.2-4.34.2 is installed
  • OR libswscale4-3.4.2-4.34.2 is installed
  • OR libswscale4-32bit-3.4.2-4.34.2 is installed
  • BACK