SUSE-SU-2015:1925-1

Описание

libvdpau was updated to use secure_getenv() instead of getenv() for several variables so it can be more safely used in setuid applications.

• CVE-2015-5198: libvdpau: incorrect check for security transition (bnc#943967)
• CVE-2015-5199: libvdpau: directory traversal in dlopen (bnc#943968)
• CVE-2015-5200: libvdpau: vulnerability in trace functionality (bnc#943969)