Overview

File _patchinfo of Package patchinfo.21291

<patchinfo incident="21291">
  <issue tracker="cve" id="2020-20896"/>
  <issue tracker="cve" id="2020-20895"/>
  <issue tracker="cve" id="2020-20892"/>
  <issue tracker="cve" id="2021-38094"/>
  <issue tracker="cve" id="2020-20899"/>
  <issue tracker="cve" id="2021-38092"/>
  <issue tracker="cve" id="2020-22042"/>
  <issue tracker="cve" id="2020-22037"/>
  <issue tracker="cve" id="2020-20891"/>
  <issue tracker="cve" id="2020-35965"/>
  <issue tracker="cve" id="2020-20902"/>
  <issue tracker="cve" id="2021-3566"/>
  <issue tracker="cve" id="2021-38093"/>
  <issue tracker="bnc" id="1190718">VUL-0: CVE-2020-20891: ffmpeg: Buffer Overflow vulnerability in function config_input in libavfilter/vf_gblur.c</issue>
  <issue tracker="bnc" id="1190729">VUL-0: CVE-2020-20902: ffmpeg: A CWE-125: Out-of-bounds read vulnerability exists in long_term_filter function in g729postfilter.c</issue>
  <issue tracker="bnc" id="1187852">VUL-0: CVE-2020-35965: ffmpeg: out-of-bounds write in decode_frame in libavcodec/exr.c</issue>
  <issue tracker="bnc" id="1190733">VUL-0: CVE-2021-38092: ffmpeg: Integer Overflow vulnerability in function filter_prewitt in libavfilter/vf_convolution.c</issue>
  <issue tracker="bnc" id="1190734">VUL-0: CVE-2021-38093: ffmpeg: Integer Overflow vulnerability in function filter_robert in libavfilter/vf_convolution.c</issue>
  <issue tracker="bnc" id="1190723">VUL-0: CVE-2020-20896: ffmpeg: An issue was discovered in function latm_write_packet in libavformat/latmenc.c</issue>
  <issue tracker="bnc" id="1190719">VUL-0: CVE-2020-20892: ffmpeg: An issue was discovered in function filter_frame in libavfilter/vf_lenscorrection.c</issue>
  <issue tracker="bnc" id="1190726">VUL-0: CVE-2020-20899: ffmpeg: Buffer Overflow vulnerability in function config_props in libavfilter/vf_bwdif.c</issue>
  <issue tracker="bnc" id="1186761">VUL-1: CVE-2020-22042: ffmpeg: Denial of Service vulnerability exists due to a memory leak is affected by: memory leak in the link_filter_inouts function in libavfilter/graphparser.c</issue>
  <issue tracker="bnc" id="1186756">VUL-1: CVE-2020-22037: ffmpeg: Denial of Service vulnerability exists due to a memory leak in avcodec_alloc_context3 at options.c</issue>
  <issue tracker="bnc" id="1190722">VUL-0: CVE-2020-20895: ffmpeg: Buffer Overflow vulnerability in function filter_vertically_##name in libavfilter/vf_avgblur.c</issue>
  <issue tracker="bnc" id="1190735">VUL-0: CVE-2021-38094: ffmpeg: Integer Overflow vulnerability in function filter_sobel in libavfilter/vf_convolution.c</issue>
  <issue tracker="bnc" id="1189166">VUL-0: CVE-2021-3566: ffmpeg: Exposure of sensitive information on ffmpeg version prior to 4.3</issue>
  <issue tracker="cve" id="2022-3109"/>
  <issue tracker="bnc" id="1206442">VUL-0: CVE-2022-3109: ffmpeg,ffmpeg-4: Null Pointer Dereference</issue>
  <packager>AZhou</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for ffmpeg</summary>
  <description>This update for ffmpeg fixes the following issues:

- CVE-2022-3109: Fixed null pointer dereference in vp3_decode_frame() (bsc#1206442).
- CVE-2020-22042: Fixed a denial of service vulnerability led by a memory leak in the link_filter_inouts function in libavfilter/graphparser.c. (bsc#1186761)
- CVE-2021-38094: Fixed an integer overflow vulnerability in function filter_sobel in libavfilter/vf_convolution.c (bsc#1190735).
- CVE-2021-38093: Fixed an integer Overflow vulnerability in function filter_robert in libavfilter/vf_convolution.c (bsc#1190734).
- CVE-2021-38092: Fixed an Integer Overflow vulnerability in function filter_prewitt in libavfilter/vf_convolution.c (bsc#1190733).
- CVE-2020-22037: Fixed a denial of service vulnerability due to a memory leak in avcodec_alloc_context3 at options.c (bsc#1186756).
- CVE-2021-3566: Fixed an exposure of sensitive information on ffmpeg version prior to 4.3 (bsc#1189166).
- CVE-2020-35965: Fixed an out-of-bounds write in decode_frame in libavcodec/exr.c (bsc#1187852).
- CVE-2020-20892: Fixed a division by zero in function filter_frame in libavfilter/vf_lenscorrection.c (bsc#1190719).
- CVE-2020-20891: Fixed a buffer overflow vulnerability in function config_input in libavfilter/vf_gblur.c (bsc#1190718).
- CVE-2020-20895: Fixed a buffer overflow vulnerability in function filter_vertically_##name in libavfilter/vf_avgblur.c (bsc#1190722).
- CVE-2020-20896: Fixed a NULL pointer dereference in function latm_write_packet in libavformat/latmenc.c (bsc#1190723).
- CVE-2020-20899: Fixed a buffer overflow vulnerability in function config_props in libavfilter/vf_bwdif.c (bsc#1190726).
- CVE-2020-20902: Fixed an out-of-bounds read vulnerability in long_term_filter function in g729postfilter.c (bsc#1190729).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places