Overview
Request 328378 superseded
- Update libvdpau to version 1.1.1 (bnc#943967,#943968,#943969)
libvdpau versions 1.1 and earlier, when used in setuid or setgid
applications, contain vulnerabilities related to environment
variable handling that could allow an attacker to execute
arbitrary code or overwrite arbitrary files. See CVE-2015-5198,
CVE-2015-5199, and CVE-2015-5200 for more details.
This release uses the secure_getenv() function, when available,
to fix these problems. The updated libvdpau will instead use a
fallback implementation of secure_getenv() when the platform
doesn't provide one.
If you use the NVIDIA .run installer packages, please see
https://devtalk.nvidia.com/default/topic/873035 for additional
information.
This release also adds tracing of HEVC picture structures to
libvdpau_trace.
- supersedes patch: libvdpau-nopdftex.patch
- Created by sndirsch
- In state superseded
- Supersedes 328327
- Superseded by 328655
- Open review for openSUSE:Factory:Staging:I
Request History
sndirsch created request
- Update libvdpau to version 1.1.1 (bnc#943967,#943968,#943969)
libvdpau versions 1.1 and earlier, when used in setuid or setgid
applications, contain vulnerabilities related to environment
variable handling that could allow an attacker to execute
arbitrary code or overwrite arbitrary files. See CVE-2015-5198,
CVE-2015-5199, and CVE-2015-5200 for more details.
This release uses the secure_getenv() function, when available,
to fix these problems. The updated libvdpau will instead use a
fallback implementation of secure_getenv() when the platform
doesn't provide one.
If you use the NVIDIA .run installer packages, please see
https://devtalk.nvidia.com/default/topic/873035 for additional
information.
This release also adds tracing of HEVC picture structures to
libvdpau_trace.
- supersedes patch: libvdpau-nopdftex.patch
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added factory-repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
licensedigger accepted review
dimstar accepted review
ok
factory-repo-checker accepted review
Builds for repo X11:XOrg/openSUSE_Factory
mlin7442 set openSUSE:Factory:Staging:I as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:I"
mlin7442 accepted review
Picked openSUSE:Factory:Staging:I
superseded by 328655