Overview
Request 904700 accepted
- Add ffmpeg-CVE-2020-22046.patch: Backport from upstream to fix
a denial of service vulnerability exists in FFmpeg 4.2 due to a
memory leak in the avpriv_float_dsp_allocl function in
libavutil/float_dsp.c (bsc#1186849).
- Add ffmpeg-CVE-2021-33815.patch: Backport from upstream to fix
dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an
out-of-bounds array access because dc_count is not strictly
checked (bsc#1186865).
Request History
AZhou created request
- Add ffmpeg-CVE-2020-22046.patch: Backport from upstream to fix
a denial of service vulnerability exists in FFmpeg 4.2 due to a
memory leak in the avpriv_float_dsp_allocl function in
libavutil/float_dsp.c (bsc#1186849).
- Add ffmpeg-CVE-2021-33815.patch: Backport from upstream to fix
dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an
out-of-bounds array access because dc_count is not strictly
checked (bsc#1186865).
jengelh accepted review
jengelh approved review
jengelh accepted request
This doesn't compile correctly with 4.4 in non crippled mode.
https://build.opensuse.org/request/show/905444 attempts to fix this issue.