File _patchinfo of Package patchinfo.32836

<patchinfo incident="32836">
  <issue tracker="bnc" id="1190731">VUL-0: CVE-2021-38090: ffmpeg: Integer Overflow vulnerability in function filter16_roberts in libavfilter/vf_convolution.c</issue>
  <issue tracker="bnc" id="1190732">VUL-0: CVE-2021-38091: ffmpeg: Integer Overflow vulnerability in function filter16_sobel in libavfilter/vf_convolution.c</issue>
  <issue tracker="bnc" id="1190728">VUL-0: CVE-2020-20901: ffmpeg: Buffer Overflow vulnerability in function filter_frame in libavfilter/vf_fieldorder.c</issue>
  <issue tracker="bnc" id="1190727">VUL-0: CVE-2020-20900: ffmpeg: Buffer Overflow vulnerability in function gaussian_blur in libavfilter/vf_edgedetect.c</issue>
  <issue tracker="bnc" id="1190724">VUL-0: CVE-2020-20898: ffmpeg: Integer Overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c</issue>
  <issue tracker="bnc" id="1190721">VUL-0: CVE-2020-20894: ffmpeg: Buffer Overflow vulnerability in function gaussian_blur in libavfilter/vf_edgedetect.c</issue>
  <issue tracker="bnc" id="1223070">VUL-0: CVE-2024-31578: ffmpeg,ffmpeg-4: heap use-after-free via the av_hwframe_ctx_init function.</issue>
  <issue tracker="bnc" id="1223235">VUL-0: CVE-2023-49502: ffmpeg: heap buffer overflow via the ff_bwdif_filter_intra_c function in libavfilter/bwdifdsp.c</issue>
  <issue tracker="cve" id="2021-38091"/>
  <issue tracker="cve" id="2021-38090"/>
  <issue tracker="cve" id="2020-20898"/>
  <issue tracker="cve" id="2021-38094"/>
  <issue tracker="cve" id="2020-20901"/>
  <issue tracker="cve" id="2020-20900"/>
  <issue tracker="cve" id="2020-20894"/>
  <issue tracker="cve" id="2024-31578"/>
  <issue tracker="cve" id="2023-49502"/>
  <packager>qzhao</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for ffmpeg</summary>
  <description>This update for ffmpeg fixes the following issues:

- CVE-2024-31578: Fixed heap use-after-free via av_hwframe_ctx_init() when vulkan_frames init failed (bsc#1223070)
- CVE-2023-49502: Fixed heap buffer overflow via the ff_bwdif_filter_intra_c function in libavfilter/bwdifdsp.c (bsc#1223235)

Adding references for already fixed issues:
  
- CVE-2021-38091: Fixed integer overflow in function filter16_sobel in libavfilter/vf_convolution.c (bsc#1190732)
- CVE-2021-38090: Fixed integer overflow in function filter16_roberts in libavfilter/vf_convolution.c (bsc#1190731)
- CVE-2020-20898: Fixed integer overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c (bsc#1190724)
- CVE-2020-20901: Fixed buffer overflow vulnerability in function filter_frame in libavfilter/vf_fieldorder.c (bsc#1190728)
- CVE-2020-20900: Fixed buffer overflow vulnerability in function gaussian_blur in libavfilter/vf_edgedetect.c (bsc#1190727)
- CVE-2020-20894: Fixed buffer Overflow vulnerability in function gaussian_blur in libavfilter/vf_edgedetect.c (bsc#1190721)   
</description>
</patchinfo>