Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
openSUSE Update for ffmpeg-4 openSUSE-SU-2020:0024-1 (ffmpeg-4)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update for the 'ffmpeg-4' package(s) announced via the openSUSE-SU-2020:0024_1 advisory.
Insight
Insight
This update for ffmpeg-4 fixes the following issues: ffmpeg-4 was updated to version 4.0.5, fixes boo#1133153 - CVE-2019-11339: The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 allowed remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified. (bsc#1133153) - For other changes see /usr/share/doc/packages/libavcodec58/Changelog Update to version 4.2.1: * Stable bug fix release, mainly codecs and format fixes. - CVE-2019-15942: Conditional jump or move depends on uninitialised value' issue in h2645_parse (boo#1149839) Update to FFmpeg 4.2 'Ada' * tpad filter * AV1 decoding support through libdav1d * dedot filter * chromashift and rgbashift filters * freezedetect filter * truehd_core bitstream filter * dhav demuxer * PCM-DVD encoder * GIF parser * vividas demuxer * hymt decoder * anlmdn filter * maskfun filter * hcom demuxer and decoder * ARBC decoder * libaribb24 based ARIB STD-B24 caption support (profiles A and C) * Support decoding of HEVC 4:4:4 content in nvdec and cuviddec * removed libndi-newtek * agm decoder * KUX demuxer * AV1 frame split bitstream filter * lscr decoder * lagfun filter * asoftclip filter * Support decoding of HEVC 4:4:4 content in vdpau * colorhold filter * xmedian filter * asr filter * showspatial multimedia filter * VP4 video decoder * IFV demuxer * derain filter * deesser filter * mov muxer writes tracks with unspecified language instead of English by default * added support for using clang to compile CUDA kernels - See /usr/share/doc/packages/ffmpeg-4/Changelog for the complete changelog. Update to version 4.1.4 * See /usr/share/doc/packages/ffmpeg-4/Changelog for the complete changelog. - Enable runtime enabling for fdkaac via --enable-libfdk-aac-dlopen Update to version 4.1.3: * Updates and bug fixes for codecs, filters and formats. [boo#1133153, boo#1133155, CVE-2019-11338, CVE-2019-11339] Update to version 4.1.2: * Updates and bug fixes for codecs, filters and formats. Update to version 4.1.1: * Various filter and codec fixes and enhancements. * configure: Add missing xlib dependency for VAAPI X11 code. * For complete changelog, see /usr/share/doc/packages/ffmpeg-4/Changelog * enable AV1 support on x86_64 Update ffmpeg to 4.1: * Lots of filter updates as usual: deblock, tmix, aplify, fftdnoiz, aderivative, aintegral, pal75bars, pal100bars, adeclick, adeclip, lensfun (wrapper), colorconstancy, 1D LUT filter (lut1d), cue, acue, transpose_npp, amul ... Description truncated. Please see the references for more information.
Affected Software
Affected Software
'ffmpeg-4' package(s) on openSUSE Leap 15.1.
Detection Method
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
Solution
Please install the updated package(s).