openSUSE-SU-2021:3521-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2021:3521-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2021:3521-1
- Related
- Published
- 2021-10-26T13:39:27Z
- Modified
- 2021-10-26T13:39:27Z
- Summary
- Security update for ffmpeg
- Details
-
This update for ffmpeg fixes the following issues:
- CVE-2021-3566: Fixed information leak (bsc#1189166).
- CVE-2021-38093: Fixed integer overflow vulnerability in filter_robert() (bsc#1190734)
- CVE-2021-38092: Fixed integer overflow vulnerability in filter_prewitt() (bsc#1190733)
- CVE-2021-38094: Fixed integer overflow vulnerability in filter_sobel() (bsc#1190735)
- CVE-2020-22037: Fixed denial of service vulnerability caused by memory leak in avcodecalloccontext3() (bsc#1186756)
- CVE-2020-35965: Fixed out-of-bounds write in decode_frame() (bsc#1187852)
- CVE-2020-20892: Fixed an issue with filter_frame() (bsc#1190719)
- CVE-2020-20891: Fixed a buffer overflow vulnerability in config_input() (bsc#1190718)
- CVE-2020-20895: Fixed a buffer overflow vulnerability in function filtervertically##name (bsc#1190722)
- CVE-2020-20896: Fixed an issue with latmwritepacket() (bsc#1190723)
- CVE-2020-20899: Fixed a buffer overflow vulnerability in config_props() (bsc#1190726)
- CVE-2020-20902: Fixed an out-of-bounds read vulnerabilit longtermfilter() (bsc#1190729)
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HVCB2YATP2LRWUBIGFYZQUFV52VSFT2B/
- https://bugzilla.suse.com/1186756
- https://bugzilla.suse.com/1187852
- https://bugzilla.suse.com/1189166
- https://bugzilla.suse.com/1190718
- https://bugzilla.suse.com/1190719
- https://bugzilla.suse.com/1190722
- https://bugzilla.suse.com/1190723
- https://bugzilla.suse.com/1190726
- https://bugzilla.suse.com/1190729
- https://bugzilla.suse.com/1190733
- https://bugzilla.suse.com/1190734
- https://bugzilla.suse.com/1190735
- https://www.suse.com/security/cve/CVE-2020-20891
- https://www.suse.com/security/cve/CVE-2020-20892
- https://www.suse.com/security/cve/CVE-2020-20895
- https://www.suse.com/security/cve/CVE-2020-20896
- https://www.suse.com/security/cve/CVE-2020-20899
- https://www.suse.com/security/cve/CVE-2020-20902
- https://www.suse.com/security/cve/CVE-2020-22037
- https://www.suse.com/security/cve/CVE-2020-35965
- https://www.suse.com/security/cve/CVE-2021-3566
- https://www.suse.com/security/cve/CVE-2021-38092
- https://www.suse.com/security/cve/CVE-2021-38093
- https://www.suse.com/security/cve/CVE-2021-38094
Affected packages
openSUSE:Leap 15.3 / ffmpeg
Package
- Name
- ffmpeg
- Purl
- purl:rpm/suse/ffmpeg&distro=openSUSE%20Leap%2015.3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.4.2-11.17.1
Ecosystem specific
{
"binaries": [
{
"ffmpeg-private-devel": "3.4.2-11.17.1",
"libswresample2": "3.4.2-11.17.1",
"libavfilter6": "3.4.2-11.17.1",
"libswresample2-32bit": "3.4.2-11.17.1",
"libpostproc-devel": "3.4.2-11.17.1",
"libswscale4": "3.4.2-11.17.1",
"libavformat57": "3.4.2-11.17.1",
"libavcodec57-32bit": "3.4.2-11.17.1",
"libavformat57-32bit": "3.4.2-11.17.1",
"libavfilter-devel": "3.4.2-11.17.1",
"libavresample3": "3.4.2-11.17.1",
"libpostproc54-32bit": "3.4.2-11.17.1",
"libavutil55": "3.4.2-11.17.1",
"libavresample3-32bit": "3.4.2-11.17.1",
"libavresample-devel": "3.4.2-11.17.1",
"libavdevice57": "3.4.2-11.17.1",
"libswscale4-32bit": "3.4.2-11.17.1",
"libavdevice57-32bit": "3.4.2-11.17.1",
"libavdevice-devel": "3.4.2-11.17.1",
"libavcodec57": "3.4.2-11.17.1",
"libavutil-devel": "3.4.2-11.17.1",
"libavcodec-devel": "3.4.2-11.17.1",
"ffmpeg": "3.4.2-11.17.1",
"libswscale-devel": "3.4.2-11.17.1",
"libavformat-devel": "3.4.2-11.17.1",
"libswresample-devel": "3.4.2-11.17.1",
"libpostproc54": "3.4.2-11.17.1",
"libavfilter6-32bit": "3.4.2-11.17.1",
"libavutil55-32bit": "3.4.2-11.17.1"
}
]
}