SUSE-SU-2023:0008-1

Опубликовано: 02 янв. 2023

Источник: suse-cvrf

Описание

Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues:

CVE-2022-3109: Fixed null pointer dereference in vp3_decode_frame() (bsc#1206442).

Список пакетов

SUSE Linux Enterprise Module for Desktop Applications 15 SP4

libavcodec58_134-4.4-150400.3.8.1

libavutil56_70-4.4-150400.3.8.1

libswresample3_9-4.4-150400.3.8.1

SUSE Linux Enterprise Module for Package Hub 15 SP4

libavformat58_76-4.4-150400.3.8.1

SUSE Linux Enterprise Workstation Extension 15 SP4

libavformat58_76-4.4-150400.3.8.1

libswscale5_9-4.4-150400.3.8.1

openSUSE Leap 15.4

ffmpeg-4-4.4-150400.3.8.1

ffmpeg-4-libavcodec-devel-4.4-150400.3.8.1

ffmpeg-4-libavdevice-devel-4.4-150400.3.8.1

ffmpeg-4-libavfilter-devel-4.4-150400.3.8.1

ffmpeg-4-libavformat-devel-4.4-150400.3.8.1

ffmpeg-4-libavresample-devel-4.4-150400.3.8.1

ffmpeg-4-libavutil-devel-4.4-150400.3.8.1

ffmpeg-4-libpostproc-devel-4.4-150400.3.8.1

ffmpeg-4-libswresample-devel-4.4-150400.3.8.1

ffmpeg-4-libswscale-devel-4.4-150400.3.8.1

ffmpeg-4-private-devel-4.4-150400.3.8.1

libavcodec58_134-4.4-150400.3.8.1

libavcodec58_134-32bit-4.4-150400.3.8.1

libavdevice58_13-4.4-150400.3.8.1

libavdevice58_13-32bit-4.4-150400.3.8.1

libavfilter7_110-4.4-150400.3.8.1

libavfilter7_110-32bit-4.4-150400.3.8.1

libavformat58_76-4.4-150400.3.8.1

libavformat58_76-32bit-4.4-150400.3.8.1

libavresample4_0-4.4-150400.3.8.1

libavresample4_0-32bit-4.4-150400.3.8.1

libavutil56_70-4.4-150400.3.8.1

libavutil56_70-32bit-4.4-150400.3.8.1

libpostproc55_9-4.4-150400.3.8.1

libpostproc55_9-32bit-4.4-150400.3.8.1

libswresample3_9-4.4-150400.3.8.1

libswresample3_9-32bit-4.4-150400.3.8.1

libswscale5_9-4.4-150400.3.8.1

libswscale5_9-32bit-4.4-150400.3.8.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20230008-1/
Link for SUSE-SU-2023:0008-1
https://lists.suse.com/pipermail/sle-security-updates/2023-January/013404.html
E-Mail link for SUSE-SU-2023:0008-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1206442
SUSE Bug 1206442
https://www.suse.com/security/cve/CVE-2022-3109/
SUSE CVE CVE-2022-3109 page

Описание

An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability.

Затронутые продукты

SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libavcodec58_134-4.4-150400.3.8.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libavutil56_70-4.4-150400.3.8.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libswresample3_9-4.4-150400.3.8.1

SUSE Linux Enterprise Module for Package Hub 15 SP4:libavformat58_76-4.4-150400.3.8.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-3109.html
CVE-2022-3109
https://bugzilla.suse.com/1206442
SUSE Bug 1206442

SUSE-SU-2023:0008-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Desktop Applications 15 SP4

SUSE Linux Enterprise Module for Package Hub 15 SP4

SUSE Linux Enterprise Workstation Extension 15 SP4

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2022-3109

Описание

Затронутые продукты

Ссылки