SUSE-SU-2024:3114-1

Опубликовано: 03 сент. 2024

Источник: suse-cvrf

Описание

Security update for ffmpeg

This update for ffmpeg fixes the following issues:

CVE-2020-22027: Fixed heap-based Buffer Overflow vulnerability exits in deflate16 at libavfilter/vf_neighbor.c (bsc#1186607)
CVE-2021-38291: Fixed an assertion failure at src/libavutil/mathematics.c (bsc#1189428)
CVE-2023-51798: Fixed floating point exception(FPE) via the interpolate function (bsc#1223304)

Список пакетов

SUSE Linux Enterprise Module for Desktop Applications 15 SP5

libavcodec57-3.4.2-150200.11.57.1

libavutil-devel-3.4.2-150200.11.57.1

libavutil55-3.4.2-150200.11.57.1

libpostproc-devel-3.4.2-150200.11.57.1

libpostproc54-3.4.2-150200.11.57.1

libswresample-devel-3.4.2-150200.11.57.1

libswresample2-3.4.2-150200.11.57.1

libswscale-devel-3.4.2-150200.11.57.1

libswscale4-3.4.2-150200.11.57.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP6

libavcodec57-3.4.2-150200.11.57.1

libavutil-devel-3.4.2-150200.11.57.1

libavutil55-3.4.2-150200.11.57.1

libpostproc-devel-3.4.2-150200.11.57.1

libpostproc54-3.4.2-150200.11.57.1

libswresample-devel-3.4.2-150200.11.57.1

libswresample2-3.4.2-150200.11.57.1

libswscale-devel-3.4.2-150200.11.57.1

libswscale4-3.4.2-150200.11.57.1

SUSE Linux Enterprise Module for Package Hub 15 SP5

ffmpeg-3.4.2-150200.11.57.1

libavdevice57-3.4.2-150200.11.57.1

libavfilter6-3.4.2-150200.11.57.1

libavformat57-3.4.2-150200.11.57.1

libavresample3-3.4.2-150200.11.57.1

SUSE Linux Enterprise Module for Package Hub 15 SP6

ffmpeg-3.4.2-150200.11.57.1

libavdevice57-3.4.2-150200.11.57.1

libavfilter6-3.4.2-150200.11.57.1

libavformat57-3.4.2-150200.11.57.1

libavresample3-3.4.2-150200.11.57.1

SUSE Linux Enterprise Workstation Extension 15 SP5

libavcodec-devel-3.4.2-150200.11.57.1

libavformat-devel-3.4.2-150200.11.57.1

libavformat57-3.4.2-150200.11.57.1

libavresample-devel-3.4.2-150200.11.57.1

libavresample3-3.4.2-150200.11.57.1

SUSE Linux Enterprise Workstation Extension 15 SP6

libavcodec-devel-3.4.2-150200.11.57.1

libavformat-devel-3.4.2-150200.11.57.1

libavformat57-3.4.2-150200.11.57.1

libavresample-devel-3.4.2-150200.11.57.1

libavresample3-3.4.2-150200.11.57.1

openSUSE Leap 15.5

ffmpeg-3.4.2-150200.11.57.1

ffmpeg-private-devel-3.4.2-150200.11.57.1

libavcodec-devel-3.4.2-150200.11.57.1

libavcodec57-3.4.2-150200.11.57.1

libavcodec57-32bit-3.4.2-150200.11.57.1

libavdevice-devel-3.4.2-150200.11.57.1

libavdevice57-3.4.2-150200.11.57.1

libavdevice57-32bit-3.4.2-150200.11.57.1

libavfilter-devel-3.4.2-150200.11.57.1

libavfilter6-3.4.2-150200.11.57.1

libavfilter6-32bit-3.4.2-150200.11.57.1

libavformat-devel-3.4.2-150200.11.57.1

libavformat57-3.4.2-150200.11.57.1

libavformat57-32bit-3.4.2-150200.11.57.1

libavresample-devel-3.4.2-150200.11.57.1

libavresample3-3.4.2-150200.11.57.1

libavresample3-32bit-3.4.2-150200.11.57.1

libavutil-devel-3.4.2-150200.11.57.1

libavutil55-3.4.2-150200.11.57.1

libavutil55-32bit-3.4.2-150200.11.57.1

libpostproc-devel-3.4.2-150200.11.57.1

libpostproc54-3.4.2-150200.11.57.1

libpostproc54-32bit-3.4.2-150200.11.57.1

libswresample-devel-3.4.2-150200.11.57.1

libswresample2-3.4.2-150200.11.57.1

libswresample2-32bit-3.4.2-150200.11.57.1

libswscale-devel-3.4.2-150200.11.57.1

libswscale4-3.4.2-150200.11.57.1

libswscale4-32bit-3.4.2-150200.11.57.1

openSUSE Leap 15.6

ffmpeg-3.4.2-150200.11.57.1

ffmpeg-private-devel-3.4.2-150200.11.57.1

libavcodec-devel-3.4.2-150200.11.57.1

libavcodec57-3.4.2-150200.11.57.1

libavcodec57-32bit-3.4.2-150200.11.57.1

libavdevice-devel-3.4.2-150200.11.57.1

libavdevice57-3.4.2-150200.11.57.1

libavdevice57-32bit-3.4.2-150200.11.57.1

libavfilter-devel-3.4.2-150200.11.57.1

libavfilter6-3.4.2-150200.11.57.1

libavfilter6-32bit-3.4.2-150200.11.57.1

libavformat-devel-3.4.2-150200.11.57.1

libavformat57-3.4.2-150200.11.57.1

libavformat57-32bit-3.4.2-150200.11.57.1

libavresample-devel-3.4.2-150200.11.57.1

libavresample3-3.4.2-150200.11.57.1

libavresample3-32bit-3.4.2-150200.11.57.1

libavutil-devel-3.4.2-150200.11.57.1

libavutil55-3.4.2-150200.11.57.1

libavutil55-32bit-3.4.2-150200.11.57.1

libpostproc-devel-3.4.2-150200.11.57.1

libpostproc54-3.4.2-150200.11.57.1

libpostproc54-32bit-3.4.2-150200.11.57.1

libswresample-devel-3.4.2-150200.11.57.1

libswresample2-3.4.2-150200.11.57.1

libswresample2-32bit-3.4.2-150200.11.57.1

libswscale-devel-3.4.2-150200.11.57.1

libswscale4-3.4.2-150200.11.57.1

libswscale4-32bit-3.4.2-150200.11.57.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20243114-1/
Link for SUSE-SU-2024:3114-1
https://lists.suse.com/pipermail/sle-updates/2024-September/036758.html
E-Mail link for SUSE-SU-2024:3114-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1186607
SUSE Bug 1186607
https://bugzilla.suse.com/1189428
SUSE Bug 1189428
https://bugzilla.suse.com/1223304
SUSE Bug 1223304
https://www.suse.com/security/cve/CVE-2020-22027/
SUSE CVE CVE-2020-22027 page
https://www.suse.com/security/cve/CVE-2021-38291/
SUSE CVE CVE-2021-38291 page
https://www.suse.com/security/cve/CVE-2023-51798/
SUSE CVE CVE-2023-51798 page

Описание

A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 in deflate16 at libavfilter/vf_neighbor.c, which might lead to memory corruption and other potential consequences.

Затронутые продукты

SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libavcodec57-3.4.2-150200.11.57.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libavutil-devel-3.4.2-150200.11.57.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libavutil55-3.4.2-150200.11.57.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libpostproc-devel-3.4.2-150200.11.57.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-22027.html
CVE-2020-22027
https://bugzilla.suse.com/1186607
SUSE Bug 1186607

Описание

FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.

Затронутые продукты

SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libavcodec57-3.4.2-150200.11.57.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libavutil-devel-3.4.2-150200.11.57.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libavutil55-3.4.2-150200.11.57.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libpostproc-devel-3.4.2-150200.11.57.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-38291.html
CVE-2021-38291
https://bugzilla.suse.com/1189428
SUSE Bug 1189428

Описание

Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate.

Затронутые продукты

SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libavcodec57-3.4.2-150200.11.57.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libavutil-devel-3.4.2-150200.11.57.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libavutil55-3.4.2-150200.11.57.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libpostproc-devel-3.4.2-150200.11.57.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-51798.html
CVE-2023-51798
https://bugzilla.suse.com/1223304
SUSE Bug 1223304

SUSE-SU-2024:3114-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Desktop Applications 15 SP5

SUSE Linux Enterprise Module for Desktop Applications 15 SP6

SUSE Linux Enterprise Module for Package Hub 15 SP5

SUSE Linux Enterprise Module for Package Hub 15 SP6

SUSE Linux Enterprise Workstation Extension 15 SP5

SUSE Linux Enterprise Workstation Extension 15 SP6

openSUSE Leap 15.5

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2020-22027

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-38291

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-51798

Описание

Затронутые продукты

Ссылки