SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3114

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3114

Security update for ffmpeg

Type: security

Severity: moderate

Issued: 2024-09-03

Description:

This update for ffmpeg fixes the following issues:
  
- CVE-2020-22027: Fixed heap-based Buffer Overflow vulnerability exits in deflate16 at libavfilter/vf_neighbor.c (bsc#1186607)
- CVE-2021-38291: Fixed an assertion failure at src/libavutil/mathematics.c (bsc#1189428)
- CVE-2023-51798: Fixed floating point exception(FPE) via the interpolate function (bsc#1223304)

References

CVE: CVE-2023-51798
CVE: CVE-2021-38291
CVE: CVE-2020-22027
Bugzilla: 1223304 VUL-0: CVE-2023-51798: ffmpeg,ffmpeg-4: floating point exception(FPE) via the interpolate function in libavfilter/vf_minterpolate.c
Bugzilla: 1189428 VUL-1: CVE-2021-38291: ffmpeg: FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c
Bugzilla: 1186607 VUL-1: CVE-2020-22027: ffmpeg: A heap-based Buffer Overflow vulnerability exits in deflate16 at libavfilter/vf_neighbor.c

Packages

ffmpeg-3.4.2-150200.11.57.1