Overview

File _patchinfo of Package patchinfo.21544

<patchinfo incident="21544">
  <issue tracker="cve" id="2020-20891"/>
  <issue tracker="cve" id="2020-22037"/>
  <issue tracker="cve" id="2021-38093"/>
  <issue tracker="cve" id="2020-20896"/>
  <issue tracker="cve" id="2020-20902"/>
  <issue tracker="cve" id="2021-38092"/>
  <issue tracker="cve" id="2020-35965"/>
  <issue tracker="cve" id="2020-20895"/>
  <issue tracker="cve" id="2021-38094"/>
  <issue tracker="cve" id="2021-3566"/>
  <issue tracker="cve" id="2020-20899"/>
  <issue tracker="cve" id="2020-20892"/>
  <issue tracker="bnc" id="1190734">VUL-0: CVE-2021-38093: ffmpeg: Integer Overflow vulnerability in function filter_robert in libavfilter/vf_convolution.c</issue>
  <issue tracker="bnc" id="1189166">VUL-0: CVE-2021-3566: ffmpeg: Exposure of sensitive information on ffmpeg version prior to 4.3</issue>
  <issue tracker="bnc" id="1190726">VUL-0: CVE-2020-20899: ffmpeg: Buffer Overflow vulnerability in function config_props in libavfilter/vf_bwdif.c</issue>
  <issue tracker="bnc" id="1190722">VUL-0: CVE-2020-20895: ffmpeg: Buffer Overflow vulnerability in function filter_vertically_##name in libavfilter/vf_avgblur.c</issue>
  <issue tracker="bnc" id="1190729">VUL-0: CVE-2020-20902: ffmpeg: A CWE-125: Out-of-bounds read vulnerability exists in long_term_filter function in g729postfilter.c</issue>
  <issue tracker="bnc" id="1190735">VUL-0: CVE-2021-38094: ffmpeg: Integer Overflow vulnerability in function filter_sobel in libavfilter/vf_convolution.c</issue>
  <issue tracker="bnc" id="1190719">VUL-0: CVE-2020-20892: ffmpeg: An issue was discovered in function filter_frame in libavfilter/vf_lenscorrection.c</issue>
  <issue tracker="bnc" id="1190733">VUL-0: CVE-2021-38092: ffmpeg: Integer Overflow vulnerability in function filter_prewitt in libavfilter/vf_convolution.c</issue>
  <issue tracker="bnc" id="1186756">VUL-1: CVE-2020-22037: ffmpeg: Denial of Service vulnerability exists due to a memory leak in avcodec_alloc_context3 at options.c</issue>
  <issue tracker="bnc" id="1190718">VUL-0: CVE-2020-20891: ffmpeg: Buffer Overflow vulnerability in function config_input in libavfilter/vf_gblur.c</issue>
  <issue tracker="bnc" id="1187852">VUL-0: CVE-2020-35965: ffmpeg: out-of-bounds write in decode_frame in libavcodec/exr.c</issue>
  <issue tracker="bnc" id="1190723">VUL-0: CVE-2020-20896: ffmpeg: An issue was discovered in function latm_write_packet in libavformat/latmenc.c</issue>
  <packager>AZhou</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for ffmpeg</summary>
  <description>This update for ffmpeg fixes the following issues:

- CVE-2021-3566: Fixed information leak (bsc#1189166).
- CVE-2021-38093: Fixed integer overflow vulnerability in filter_robert() (bsc#1190734)
- CVE-2021-38092: Fixed integer overflow vulnerability in filter_prewitt() (bsc#1190733)
- CVE-2021-38094: Fixed integer overflow vulnerability in filter_sobel() (bsc#1190735)
- CVE-2020-22037: Fixed denial of service vulnerability caused by memory leak in avcodec_alloc_context3() (bsc#1186756)
- CVE-2020-35965: Fixed out-of-bounds write in decode_frame() (bsc#1187852)
- CVE-2020-20892: Fixed an issue with filter_frame() (bsc#1190719)
- CVE-2020-20891: Fixed a buffer overflow vulnerability in config_input() (bsc#1190718)
- CVE-2020-20895: Fixed a buffer overflow vulnerability in function filter_vertically_##name (bsc#1190722)
- CVE-2020-20896: Fixed an issue with latm_write_packet() (bsc#1190723)
- CVE-2020-20899: Fixed a buffer overflow vulnerability in config_props() (bsc#1190726)
- CVE-2020-20902: Fixed an out-of-bounds read vulnerabilit long_term_filter() (bsc#1190729)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places