SUSE-SU-2023:0172-1

Опубликовано: 26 янв. 2023

Источник: suse-cvrf

Описание

Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues:

CVE-2022-3341: Fixed a potential crash when processing a crafted NUT stream (bsc#1206778).

Список пакетов

SUSE Linux Enterprise Module for Desktop Applications 15 SP4

libavcodec58_134-4.4-150400.3.11.1

libavformat58_76-4.4-150400.3.11.1

libavutil56_70-4.4-150400.3.11.1

libpostproc55_9-4.4-150400.3.11.1

libswresample3_9-4.4-150400.3.11.1

SUSE Linux Enterprise Module for Package Hub 15 SP4

libavformat58_76-4.4-150400.3.11.1

SUSE Linux Enterprise Workstation Extension 15 SP4

libavformat58_76-4.4-150400.3.11.1

libswscale5_9-4.4-150400.3.11.1

openSUSE Leap 15.4

ffmpeg-4-4.4-150400.3.11.1

ffmpeg-4-libavcodec-devel-4.4-150400.3.11.1

ffmpeg-4-libavdevice-devel-4.4-150400.3.11.1

ffmpeg-4-libavfilter-devel-4.4-150400.3.11.1

ffmpeg-4-libavformat-devel-4.4-150400.3.11.1

ffmpeg-4-libavresample-devel-4.4-150400.3.11.1

ffmpeg-4-libavutil-devel-4.4-150400.3.11.1

ffmpeg-4-libpostproc-devel-4.4-150400.3.11.1

ffmpeg-4-libswresample-devel-4.4-150400.3.11.1

ffmpeg-4-libswscale-devel-4.4-150400.3.11.1

ffmpeg-4-private-devel-4.4-150400.3.11.1

libavcodec58_134-4.4-150400.3.11.1

libavcodec58_134-32bit-4.4-150400.3.11.1

libavdevice58_13-4.4-150400.3.11.1

libavdevice58_13-32bit-4.4-150400.3.11.1

libavfilter7_110-4.4-150400.3.11.1

libavfilter7_110-32bit-4.4-150400.3.11.1

libavformat58_76-4.4-150400.3.11.1

libavformat58_76-32bit-4.4-150400.3.11.1

libavresample4_0-4.4-150400.3.11.1

libavresample4_0-32bit-4.4-150400.3.11.1

libavutil56_70-4.4-150400.3.11.1

libavutil56_70-32bit-4.4-150400.3.11.1

libpostproc55_9-4.4-150400.3.11.1

libpostproc55_9-32bit-4.4-150400.3.11.1

libswresample3_9-4.4-150400.3.11.1

libswresample3_9-32bit-4.4-150400.3.11.1

libswscale5_9-4.4-150400.3.11.1

libswscale5_9-32bit-4.4-150400.3.11.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20230172-1/
Link for SUSE-SU-2023:0172-1
https://lists.suse.com/pipermail/sle-security-updates/2023-January/013546.html
E-Mail link for SUSE-SU-2023:0172-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1206778
SUSE Bug 1206778
https://www.suse.com/security/cve/CVE-2022-3341/
SUSE CVE CVE-2022-3341 page

Описание

A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an application to crash.

Затронутые продукты

SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libavcodec58_134-4.4-150400.3.11.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libavformat58_76-4.4-150400.3.11.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libavutil56_70-4.4-150400.3.11.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libpostproc55_9-4.4-150400.3.11.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-3341.html
CVE-2022-3341
https://bugzilla.suse.com/1206778
SUSE Bug 1206778

SUSE-SU-2023:0172-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Desktop Applications 15 SP4

SUSE Linux Enterprise Module for Package Hub 15 SP4

SUSE Linux Enterprise Workstation Extension 15 SP4

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2022-3341

Описание

Затронутые продукты

Ссылки