Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.3:Update
patchinfo.11540
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.11540
<patchinfo incident="11540"> <issue tracker="cve" id="2019-17542"/> <issue tracker="cve" id="2019-12730"/> <issue tracker="cve" id="2018-13301"/> <issue tracker="cve" id="2019-9718"/> <issue tracker="bnc" id="1154064">VUL-0: CVE-2019-17542: ffmpeg: heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c</issue> <issue tracker="bnc" id="1100352">VUL-1: CVE-2018-13301: ffmpeg: missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference</issue> <issue tracker="bnc" id="1137526">VUL-1: CVE-2019-12730: ffmpeg: aa_read_header in libavformat/aadec.c does not check for sscanf failure and consequently allows use of uninitialized variables</issue> <issue tracker="bnc" id="1129715">VUL-1: CVE-2019-9718: ffmpeg: denial of service in the subtitle decoder in ff_htmlmarkup_to_ass from libavcodec/htmlsubtitles.c</issue> <category>security</category> <rating>important</rating> <packager>zhengqiang</packager> <description>This update for ffmpeg fixes the following issues: Security issues fixed: - CVE-2019-17542: Fixed a heap-buffer overflow in vqa_decode_chunk due to an out-of-array access (bsc#1154064). - CVE-2019-12730: Fixed an uninitialized use of variables due to an improper check (bsc#1137526). - CVE-2019-9718: Fixed a denial of service in the subtitle decode (bsc#1129715). - CVE-2018-13301: Fixed a denial of service while converting a crafted AVI file to MPEG4 (bsc#1100352). </description> <summary>Security update for ffmpeg</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor