Update Info

openSUSE-2019-1897


Security update for vlc


Type: security
Severity: important
Issued: 2019-08-15
Description:
This update for vlc to version 3.0.7.1 fixes the following issues:

Security issues fixed:
	  
- CVE-2019-5439: Fixed a buffer overflow (bsc#1138354).
- CVE-2019-5459: Fixed an integer underflow (bsc#1143549).
- CVE-2019-5460: Fixed a double free (bsc#1143547).
- CVE-2019-12874: Fixed a double free in zlib_decompress_extra in modules/demux/mkv/util.cpp (bsc#1138933).
- CVE-2019-13602: Fixed an integer underflow in mp4 demuxer (boo#1141522).
- CVE-2019-13962: Fixed a heap-based buffer over-read in avcodec (boo#1142161).

Non-security issues fixed:

- Video Output:
  * Fix hardware acceleration with some AMD drivers
  * Improve direct3d11 HDR support
- Access:
  * Improve Blu-ray support
- Audio output:
  * Fix pass-through on Android-23
  * Fix DirectSound drain
- Demux: Improve MP4 support
- Video Output:
  * Fix 12 bits sources playback with Direct3D11
  * Fix crash on iOS
  * Fix midstream aspect-ratio changes when Windows hardware decoding is on
  * Fix HLG display with Direct3D11
- Stream Output: Improve Chromecast support with new ChromeCast apps
- Misc:
  * Update Youtube, Dailymotion, Vimeo, Soundcloud scripts
  * Work around busy looping when playing an invalid item with loop enabled
- Updated translations.

This update was imported from the openSUSE:Leap:15.1:Update update project.

              

Packages


  • vlc-3.0.7.1-bp151.5.3.3