SUSE-SU-2021:2322-1 -- SLES ffmpeg, libavcodec57, libavformat57, libavutil-devel, libavutil55, libpostproc-devel, libpostproc54, libswresample-devel, libswresample2, libswscale-devel, libswscale4ID: oval:org.secpod.oval:def:89047109 | Date: (C)2022-10-21 (M)2023-12-26 |
Class: PATCH | Family: unix |
This update for ffmpeg fixes the following issues: - CVE-2020-13904: Fixed use-after-free via a crafted EXTINF duration in an m3u8 file . - CVE-2020-21041: Fixed buffer overflow vulnerability via apng_do_inverse_blend in libavcodec/pngenc.c . - CVE-2019-17539: Fixed NULL pointer dereference in avcodec_open2 in libavcodec/utils.c . - CVE-2020-22026: Fixed buffer overflow vulnerability in config_input at libavfilter/af_tremolo.c . - CVE-2020-22021: Fixed buffer overflow vulnerability in filter_edges function in libavfilter/vf_yadif.c . - CVE-2020-22020: Fixed buffer overflow vulnerability in build_diff_map in libavfilter/vf_fieldmatch.c . - CVE-2020-22015: Fixed buffer overflow vulnerability in mov_write_video_tag due to the out of bounds in libavformat/movenc.c . - CVE-2020-22016: Fixed a heap-based Buffer Overflow vulnerability at libavcodec/get_bits.h when writing .mov files . - CVE-2020-22017: Fixed a heap-based Buffer Overflow vulnerability in ff_fill_rectangle in libavfilter/drawutils.c . - CVE-2020-22022: Fixed a heap-based Buffer Overflow vulnerability in filter_frame at libavfilter/vf_fieldorder.c . - CVE-2020-22023: Fixed a heap-based Buffer Overflow vulnerability in filter_frame at libavfilter/vf_bitplanenoise.c - CVE-2020-22025: Fixed a heap-based Buffer Overflow vulnerability in gaussian_blur at libavfilter/vf_edgedetect.c . - CVE-2020-22031: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_w3fdif.c in filter16_complex_low . - CVE-2020-22032: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_edgedetect.c in gaussian_blur . - CVE-2020-22034: Fixed a heap-based Buffer Overflow vulnerability at libavfilter/vf_floodfill.c . - CVE-2020-20451: Fixed denial of service issue due to resource management errors via fftools/cmdutils.c . - CVE-2020-20448: Fixed divide by zero issue via libavcodec/ratecontrol.c . - CVE-2020-22038: Fixed denial of service vulnerability due to a memory leak in the ff_v4l2_m2m_create_context function in v4l2_m2m.c . - CVE-2020-22039: Fixed denial of service vulnerability due to a memory leak in the inavi_add_ientry function . - CVE-2020-22043: Fixed denial of service vulnerability due to a memory leak at the fifo_alloc_common function in libavutil/fifo.c . - CVE-2020-22044: Fixed denial of service vulnerability due to a memory leak in the url_open_dyn_buf_internal function in libavformat/aviobuf.c . - CVE-2020-22033,CVE-2020-22019: Fixed a heap-based Buffer Overflow Vulnerability at libavfilter/vf_vmafmotion.c in convolution_y_8bit and in convolution_y_10bit in libavfilter/vf_vmafmotion.c .
Platform: |
SUSE Linux Enterprise Desktop 15 SP2 |
SUSE Linux Enterprise Desktop 15 SP3 |
Product: |
ffmpeg |
libavcodec57 |
libavformat57 |
libavutil-devel |
libavutil55 |
libpostproc-devel |
libpostproc54 |
libswresample-devel |
libswresample2 |
libswscale-devel |
libswscale4 |