File _patchinfo of Package patchinfo.39181

<patchinfo incident="39181">
  <issue tracker="cve" id="2022-1475"/>
  <issue tracker="cve" id="2024-36616"/>
  <issue tracker="cve" id="2024-36618"/>
  <issue tracker="cve" id="2024-36617"/>
  <issue tracker="bnc" id="1234020">VUL-0: CVE-2024-36618: ffmpeg,ffmpeg-4: FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition.</issue>
  <issue tracker="bnc" id="1234018">VUL-0: CVE-2024-36616: ffmpeg,ffmpeg-4: An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file.</issue>
  <issue tracker="bnc" id="1198898">VUL-1: CVE-2022-1475: ffmpeg,ffmpeg-4: integer overflow in g729_parse() in llibavcodec/g729_parser.c</issue>
  <issue tracker="bnc" id="1234019">VUL-0: CVE-2024-36617: ffmpeg,ffmpeg-4: FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.</issue>
  <packager>qzhao</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for ffmpeg</summary>
  <description>This update for ffmpeg fixes the following issues:

- CVE-2022-1475: Fixed integer overflow in g729_parse() in llibavcodec/g729_parser.c (bsc#1198898).
- CVE-2024-36616: Fixed integer overflow in the component libavformat/westwood_vqa.c (bsc#1234018).
- CVE-2024-36617: Fixed integer overflow vulnerability in the FFmpeg CAF decoder (bsc#1234019).
- CVE-2024-36618: Fixed vulnerability in the AVI demuxer of the libavformat library (bsc#1234020).
</description>
</patchinfo>