openSUSE Security Update: Security update for ffmpeg-4
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:0024-1
Rating: moderate
References: #1100345 #1133123 #1133153 #1133155 #1149839
Cross-References: CVE-2017-17555 CVE-2018-13305 CVE-2019-11338
CVE-2019-11339 CVE-2019-15942
Affected Products:
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for ffmpeg-4 fixes the following issues:
ffmpeg-4 was updated to version 4.0.5, fixes boo#1133153
– CVE-2019-11339: The studio profile decoder in libavcodec/mpeg4videodec.c
in FFmpeg 4.0 allowed remote attackers to cause a denial of service
(out-of-array access) or possibly have unspecified. (bsc#1133153)
– For other changes see /usr/share/doc/packages/libavcodec58/Changelog
Update to version 4.2.1:
* Stable bug fix release, mainly codecs and format fixes.
– CVE-2019-15942: Conditional jump or move depends on uninitialised value”
issue in h2645_parse (boo#1149839)
Update to FFmpeg 4.2 “Ada”
* tpad filter
* AV1 decoding support through libdav1d
* dedot filter
* chromashift and rgbashift filters
* freezedetect filter
* truehd_core bitstream filter
* dhav demuxer
* PCM-DVD encoder
* GIF parser
* vividas demuxer
* hymt decoder
* anlmdn filter
* maskfun filter
* hcom demuxer and decoder
* ARBC decoder
* libaribb24 based ARIB STD-B24 caption support (profiles A and C)
* Support decoding of HEVC 4:4:4 content in nvdec and cuviddec
* removed libndi-newtek
* agm decoder
* KUX demuxer
* AV1 frame split bitstream filter
* lscr decoder
* lagfun filter
* asoftclip filter
* Support decoding of HEVC 4:4:4 content in vdpau
* colorhold filter
* xmedian filter
* asr filter
* showspatial multimedia filter
* VP4 video decoder
* IFV demuxer
* derain filter
* deesser filter
* mov muxer writes tracks with unspecified language instead of English by
default
* added support for using clang to compile CUDA kernels
– See /usr/share/doc/packages/ffmpeg-4/Changelog for the complete
changelog.
Update to version 4.1.4
* See /usr/share/doc/packages/ffmpeg-4/Changelog for the complete
changelog.
– Enable runtime enabling for fdkaac via –enable-libfdk-aac-dlopen
Update to version 4.1.3:
* Updates and bug fixes for codecs, filters and formats. [boo#1133153,
boo#1133155, CVE-2019-11338, CVE-2019-11339]
Update to version 4.1.2:
* Updates and bug fixes for codecs, filters and formats.
Update to version 4.1.1:
* Various filter and codec fixes and enhancements.
* configure: Add missing xlib dependency for VAAPI X11 code.
* For complete changelog, see /usr/share/doc/packages/ffmpeg-4/Changelog
* enable AV1 support on x86_64
Update ffmpeg to 4.1:
* Lots of filter updates as usual: deblock, tmix, aplify, fftdnoiz,
aderivative, aintegral, pal75bars, pal100bars, adeclick, adeclip,
lensfun (wrapper), colorconstancy, 1D LUT filter (lut1d), cue, acue,
transpose_npp, amultiply, Block-Matching 3d (bm3d) denoising filter,
acrossover filter, audio denoiser as afftdn filter, sinc audio filter
source, chromahold, setparams, vibrance, xstack, (a)graphmonitor filter
yadif_cuda filter.
* AV1 parser
* Support for AV1 in MP4
* PCM VIDC decoder and encoder
* libtensorflow backend for DNN based filters like srcnn
* — The following only enabled in third-party builds:
* ATRAC9 decoder
* AVS2 video decoder via libdavs2
* IMM4 video decoder
* Brooktree ProSumer video decoder
* MatchWare Screen Capture Codec decoder
* WinCam Motion Video decoder
* RemotelyAnywhere Screen Capture decoder
* AVS2 video encoder via libxavs2
* ILBC decoder
* SER demuxer
* Decoding S12M timecode in H264
* For complete changelog, see
https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.1
Update ffmpeg to 4.0.3:
* For complete changelog, see
https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.0.3
– CVE-2018-13305: Added a missing check for negative values of mqaunt
variable (boo#1100345).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Package Hub for SUSE Linux Enterprise 12:
zypper in -t patch openSUSE-2020-24=1
Package List:
– SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x x86_64):
ffmpeg-4-libavcodec-devel-4.0.5-17.1
ffmpeg-4-libavdevice-devel-4.0.5-17.1
ffmpeg-4-libavfilter-devel-4.0.5-17.1
ffmpeg-4-libavformat-devel-4.0.5-17.1
ffmpeg-4-libavresample-devel-4.0.5-17.1
ffmpeg-4-libavutil-devel-4.0.5-17.1
ffmpeg-4-libpostproc-devel-4.0.5-17.1
ffmpeg-4-libswresample-devel-4.0.5-17.1
ffmpeg-4-libswscale-devel-4.0.5-17.1
ffmpeg-4-private-devel-4.0.5-17.1
libavcodec58-4.0.5-17.1
libavdevice58-4.0.5-17.1
libavfilter7-4.0.5-17.1
libavformat58-4.0.5-17.1
libavresample4-4.0.5-17.1
libavutil56-4.0.5-17.1
libpostproc55-4.0.5-17.1
libswresample3-4.0.5-17.1
libswscale5-4.0.5-17.1
– SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64_ilp32):
libavcodec58-64bit-4.0.5-17.1
libavdevice58-64bit-4.0.5-17.1
libavfilter7-64bit-4.0.5-17.1
libavformat58-64bit-4.0.5-17.1
libavresample4-64bit-4.0.5-17.1
libavutil56-64bit-4.0.5-17.1
libpostproc55-64bit-4.0.5-17.1
libswresample3-64bit-4.0.5-17.1
libswscale5-64bit-4.0.5-17.1
References:
https://www.suse.com/security/cve/CVE-2017-17555.html
https://www.suse.com/security/cve/CVE-2018-13305.html
https://www.suse.com/security/cve/CVE-2019-11338.html
https://www.suse.com/security/cve/CVE-2019-11339.html
https://www.suse.com/security/cve/CVE-2019-15942.html
https://bugzilla.suse.com/1100345
https://bugzilla.suse.com/1133123
https://bugzilla.suse.com/1133153
https://bugzilla.suse.com/1133155
https://bugzilla.suse.com/1149839
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
openSUSE Security Update: Security update for ffmpeg-4 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:0024-1 Rating: moderate References: #1100345 #1133123 #1133153 #1133155 #1149839 Cross-References: CVE-2017-17555 CVE-2018-13305 CVE-2019-11338 CVE-2019-11339 CVE-2019-15942 Affected Products: openSUSE Leap 15.1 openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 SUSE Package Hub for SUSE Linux Enterprise 12 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: This update for ffmpeg-4 fixes the following issues: ffmpeg-4 was updated to version 4.0.5, fixes boo#1133153 - CVE-2019-11339: The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 allowed remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified. (bsc#1133153) - For other changes see /usr/share/doc/packages/libavcodec58/Changelog Update to version 4.2.1: * Stable bug fix release, mainly codecs and format fixes. - CVE-2019-15942: Conditional jump or move depends on uninitialised value" issue in h2645_parse (boo#1149839) Update to FFmpeg 4.2 "Ada" * tpad filter * AV1 decoding support through libdav1d * dedot filter * chromashift and rgbashift filters * freezedetect filter * truehd_core bitstream filter * dhav demuxer * PCM-DVD encoder * GIF parser * vividas demuxer * hymt decoder * anlmdn filter * maskfun filter * hcom demuxer and decoder * ARBC decoder * libaribb24 based ARIB STD-B24 caption support (profiles A and C) * Support decoding of HEVC 4:4:4 content in nvdec and cuviddec * removed libndi-newtek * agm decoder * KUX demuxer * AV1 frame split bitstream filter * lscr decoder * lagfun filter * asoftclip filter * Support decoding of HEVC 4:4:4 content in vdpau * colorhold filter * xmedian filter * asr filter * showspatial multimedia filter * VP4 video decoder * IFV demuxer * derain filter * deesser filter * mov muxer writes tracks with unspecified language instead of English by default * added support for using clang to compile CUDA kernels - See /usr/share/doc/packages/ffmpeg-4/Changelog for the complete changelog. Update to version 4.1.4 * See /usr/share/doc/packages/ffmpeg-4/Changelog for the complete changelog. - Enable runtime enabling for fdkaac via --enable-libfdk-aac-dlopen Update to version 4.1.3: * Updates and bug fixes for codecs, filters and formats. [boo#1133153, boo#1133155, CVE-2019-11338, CVE-2019-11339] Update to version 4.1.2: * Updates and bug fixes for codecs, filters and formats. Update to version 4.1.1: * Various filter and codec fixes and enhancements. * configure: Add missing xlib dependency for VAAPI X11 code. * For complete changelog, see /usr/share/doc/packages/ffmpeg-4/Changelog * enable AV1 support on x86_64 Update ffmpeg to 4.1: * Lots of filter updates as usual: deblock, tmix, aplify, fftdnoiz, aderivative, aintegral, pal75bars, pal100bars, adeclick, adeclip, lensfun (wrapper), colorconstancy, 1D LUT filter (lut1d), cue, acue, transpose_npp, amultiply, Block-Matching 3d (bm3d) denoising filter, acrossover filter, audio denoiser as afftdn filter, sinc audio filter source, chromahold, setparams, vibrance, xstack, (a)graphmonitor filter yadif_cuda filter. * AV1 parser * Support for AV1 in MP4 * PCM VIDC decoder and encoder * libtensorflow backend for DNN based filters like srcnn * -- The following only enabled in third-party builds: * ATRAC9 decoder * AVS2 video decoder via libdavs2 * IMM4 video decoder * Brooktree ProSumer video decoder * MatchWare Screen Capture Codec decoder * WinCam Motion Video decoder * RemotelyAnywhere Screen Capture decoder * AVS2 video encoder via libxavs2 * ILBC decoder * SER demuxer * Decoding S12M timecode in H264 * For complete changelog, see https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.1 Update ffmpeg to 4.0.3: * For complete changelog, see https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.0.3 - CVE-2018-13305: Added a missing check for negative values of mqaunt variable (boo#1100345). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2020-24=1 - openSUSE Backports SLE-15-SP1: zypper in -t patch openSUSE-2020-24=1 - openSUSE Backports SLE-15: zypper in -t patch openSUSE-2020-24=1 - SUSE Package Hub for SUSE Linux Enterprise 12: zypper in -t patch openSUSE-2020-24=1 Package List: - openSUSE Leap 15.1 (i586 x86_64): ffmpeg-4-debugsource-4.2.1-lp151.2.3.1 ffmpeg-4-libavcodec-devel-4.2.1-lp151.2.3.1 ffmpeg-4-libavdevice-devel-4.2.1-lp151.2.3.1 ffmpeg-4-libavfilter-devel-4.2.1-lp151.2.3.1 ffmpeg-4-libavformat-devel-4.2.1-lp151.2.3.1 ffmpeg-4-libavresample-devel-4.2.1-lp151.2.3.1 ffmpeg-4-libavutil-devel-4.2.1-lp151.2.3.1 ffmpeg-4-libpostproc-devel-4.2.1-lp151.2.3.1 ffmpeg-4-libswresample-devel-4.2.1-lp151.2.3.1 ffmpeg-4-libswscale-devel-4.2.1-lp151.2.3.1 ffmpeg-4-private-devel-4.2.1-lp151.2.3.1 libavcodec58-4.2.1-lp151.2.3.1 libavcodec58-debuginfo-4.2.1-lp151.2.3.1 libavdevice58-4.2.1-lp151.2.3.1 libavdevice58-debuginfo-4.2.1-lp151.2.3.1 libavfilter7-4.2.1-lp151.2.3.1 libavfilter7-debuginfo-4.2.1-lp151.2.3.1 libavformat58-4.2.1-lp151.2.3.1 libavformat58-debuginfo-4.2.1-lp151.2.3.1 libavresample4-4.2.1-lp151.2.3.1 libavresample4-debuginfo-4.2.1-lp151.2.3.1 libavutil56-4.2.1-lp151.2.3.1 libavutil56-debuginfo-4.2.1-lp151.2.3.1 libpostproc55-4.2.1-lp151.2.3.1 libpostproc55-debuginfo-4.2.1-lp151.2.3.1 libswresample3-4.2.1-lp151.2.3.1 libswresample3-debuginfo-4.2.1-lp151.2.3.1 libswscale5-4.2.1-lp151.2.3.1 libswscale5-debuginfo-4.2.1-lp151.2.3.1 - openSUSE Leap 15.1 (x86_64): libavcodec58-32bit-4.2.1-lp151.2.3.1 libavcodec58-32bit-debuginfo-4.2.1-lp151.2.3.1 libavdevice58-32bit-4.2.1-lp151.2.3.1 libavdevice58-32bit-debuginfo-4.2.1-lp151.2.3.1 libavfilter7-32bit-4.2.1-lp151.2.3.1 libavfilter7-32bit-debuginfo-4.2.1-lp151.2.3.1 libavformat58-32bit-4.2.1-lp151.2.3.1 libavformat58-32bit-debuginfo-4.2.1-lp151.2.3.1 libavresample4-32bit-4.2.1-lp151.2.3.1 libavresample4-32bit-debuginfo-4.2.1-lp151.2.3.1 libavutil56-32bit-4.2.1-lp151.2.3.1 libavutil56-32bit-debuginfo-4.2.1-lp151.2.3.1 libpostproc55-32bit-4.2.1-lp151.2.3.1 libpostproc55-32bit-debuginfo-4.2.1-lp151.2.3.1 libswresample3-32bit-4.2.1-lp151.2.3.1 libswresample3-32bit-debuginfo-4.2.1-lp151.2.3.1 libswscale5-32bit-4.2.1-lp151.2.3.1 libswscale5-32bit-debuginfo-4.2.1-lp151.2.3.1 - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64): ffmpeg-4-debugsource-4.2.1-bp151.5.3.1 ffmpeg-4-libavcodec-devel-4.2.1-bp151.5.3.1 ffmpeg-4-libavdevice-devel-4.2.1-bp151.5.3.1 ffmpeg-4-libavfilter-devel-4.2.1-bp151.5.3.1 ffmpeg-4-libavformat-devel-4.2.1-bp151.5.3.1 ffmpeg-4-libavresample-devel-4.2.1-bp151.5.3.1 ffmpeg-4-libavutil-devel-4.2.1-bp151.5.3.1 ffmpeg-4-libpostproc-devel-4.2.1-bp151.5.3.1 ffmpeg-4-libswresample-devel-4.2.1-bp151.5.3.1 ffmpeg-4-libswscale-devel-4.2.1-bp151.5.3.1 ffmpeg-4-private-devel-4.2.1-bp151.5.3.1 libavcodec58-4.2.1-bp151.5.3.1 libavcodec58-debuginfo-4.2.1-bp151.5.3.1 libavdevice58-4.2.1-bp151.5.3.1 libavdevice58-debuginfo-4.2.1-bp151.5.3.1 libavfilter7-4.2.1-bp151.5.3.1 libavfilter7-debuginfo-4.2.1-bp151.5.3.1 libavformat58-4.2.1-bp151.5.3.1 libavformat58-debuginfo-4.2.1-bp151.5.3.1 libavresample4-4.2.1-bp151.5.3.1 libavresample4-debuginfo-4.2.1-bp151.5.3.1 libavutil56-4.2.1-bp151.5.3.1 libavutil56-debuginfo-4.2.1-bp151.5.3.1 libpostproc55-4.2.1-bp151.5.3.1 libpostproc55-debuginfo-4.2.1-bp151.5.3.1 libswresample3-4.2.1-bp151.5.3.1 libswresample3-debuginfo-4.2.1-bp151.5.3.1 libswscale5-4.2.1-bp151.5.3.1 libswscale5-debuginfo-4.2.1-bp151.5.3.1 - openSUSE Backports SLE-15-SP1 (aarch64_ilp32): libavcodec58-64bit-4.2.1-bp151.5.3.1 libavcodec58-64bit-debuginfo-4.2.1-bp151.5.3.1 libavdevice58-64bit-4.2.1-bp151.5.3.1 libavdevice58-64bit-debuginfo-4.2.1-bp151.5.3.1 libavfilter7-64bit-4.2.1-bp151.5.3.1 libavfilter7-64bit-debuginfo-4.2.1-bp151.5.3.1 libavformat58-64bit-4.2.1-bp151.5.3.1 libavformat58-64bit-debuginfo-4.2.1-bp151.5.3.1 libavresample4-64bit-4.2.1-bp151.5.3.1 libavresample4-64bit-debuginfo-4.2.1-bp151.5.3.1 libavutil56-64bit-4.2.1-bp151.5.3.1 libavutil56-64bit-debuginfo-4.2.1-bp151.5.3.1 libpostproc55-64bit-4.2.1-bp151.5.3.1 libpostproc55-64bit-debuginfo-4.2.1-bp151.5.3.1 libswresample3-64bit-4.2.1-bp151.5.3.1 libswresample3-64bit-debuginfo-4.2.1-bp151.5.3.1 libswscale5-64bit-4.2.1-bp151.5.3.1 libswscale5-64bit-debuginfo-4.2.1-bp151.5.3.1 - openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64): ffmpeg-4-debugsource-4.2.1-bp150.24.1 ffmpeg-4-libavcodec-devel-4.2.1-bp150.24.1 ffmpeg-4-libavdevice-devel-4.2.1-bp150.24.1 ffmpeg-4-libavfilter-devel-4.2.1-bp150.24.1 ffmpeg-4-libavformat-devel-4.2.1-bp150.24.1 ffmpeg-4-libavresample-devel-4.2.1-bp150.24.1 ffmpeg-4-libavutil-devel-4.2.1-bp150.24.1 ffmpeg-4-libpostproc-devel-4.2.1-bp150.24.1 ffmpeg-4-libswresample-devel-4.2.1-bp150.24.1 ffmpeg-4-libswscale-devel-4.2.1-bp150.24.1 ffmpeg-4-private-devel-4.2.1-bp150.24.1 libavcodec58-4.2.1-bp150.24.1 libavcodec58-debuginfo-4.2.1-bp150.24.1 libavdevice58-4.2.1-bp150.24.1 libavdevice58-debuginfo-4.2.1-bp150.24.1 libavfilter7-4.2.1-bp150.24.1 libavfilter7-debuginfo-4.2.1-bp150.24.1 libavformat58-4.2.1-bp150.24.1 libavformat58-debuginfo-4.2.1-bp150.24.1 libavresample4-4.2.1-bp150.24.1 libavresample4-debuginfo-4.2.1-bp150.24.1 libavutil56-4.2.1-bp150.24.1 libavutil56-debuginfo-4.2.1-bp150.24.1 libpostproc55-4.2.1-bp150.24.1 libpostproc55-debuginfo-4.2.1-bp150.24.1 libswresample3-4.2.1-bp150.24.1 libswresample3-debuginfo-4.2.1-bp150.24.1 libswscale5-4.2.1-bp150.24.1 libswscale5-debuginfo-4.2.1-bp150.24.1 - openSUSE Backports SLE-15 (aarch64_ilp32): libavcodec58-64bit-4.2.1-bp150.24.1 libavcodec58-64bit-debuginfo-4.2.1-bp150.24.1 libavdevice58-64bit-4.2.1-bp150.24.1 libavdevice58-64bit-debuginfo-4.2.1-bp150.24.1 libavfilter7-64bit-4.2.1-bp150.24.1 libavfilter7-64bit-debuginfo-4.2.1-bp150.24.1 libavformat58-64bit-4.2.1-bp150.24.1 libavformat58-64bit-debuginfo-4.2.1-bp150.24.1 libavresample4-64bit-4.2.1-bp150.24.1 libavresample4-64bit-debuginfo-4.2.1-bp150.24.1 libavutil56-64bit-4.2.1-bp150.24.1 libavutil56-64bit-debuginfo-4.2.1-bp150.24.1 libpostproc55-64bit-4.2.1-bp150.24.1 libpostproc55-64bit-debuginfo-4.2.1-bp150.24.1 libswresample3-64bit-4.2.1-bp150.24.1 libswresample3-64bit-debuginfo-4.2.1-bp150.24.1 libswscale5-64bit-4.2.1-bp150.24.1 libswscale5-64bit-debuginfo-4.2.1-bp150.24.1 - SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x x86_64): ffmpeg-4-libavcodec-devel-4.0.5-17.1 ffmpeg-4-libavdevice-devel-4.0.5-17.1 ffmpeg-4-libavfilter-devel-4.0.5-17.1 ffmpeg-4-libavformat-devel-4.0.5-17.1 ffmpeg-4-libavresample-devel-4.0.5-17.1 ffmpeg-4-libavutil-devel-4.0.5-17.1 ffmpeg-4-libpostproc-devel-4.0.5-17.1 ffmpeg-4-libswresample-devel-4.0.5-17.1 ffmpeg-4-libswscale-devel-4.0.5-17.1 ffmpeg-4-private-devel-4.0.5-17.1 libavcodec58-4.0.5-17.1 libavdevice58-4.0.5-17.1 libavfilter7-4.0.5-17.1 libavformat58-4.0.5-17.1 libavresample4-4.0.5-17.1 libavutil56-4.0.5-17.1 libpostproc55-4.0.5-17.1 libswresample3-4.0.5-17.1 libswscale5-4.0.5-17.1 - SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64_ilp32): libavcodec58-64bit-4.0.5-17.1 libavdevice58-64bit-4.0.5-17.1 libavfilter7-64bit-4.0.5-17.1 libavformat58-64bit-4.0.5-17.1 libavresample4-64bit-4.0.5-17.1 libavutil56-64bit-4.0.5-17.1 libpostproc55-64bit-4.0.5-17.1 libswresample3-64bit-4.0.5-17.1 libswscale5-64bit-4.0.5-17.1 References: https://www.suse.com/security/cve/CVE-2017-17555.html https://www.suse.com/security/cve/CVE-2018-13305.html https://www.suse.com/security/cve/CVE-2019-11338.html https://www.suse.com/security/cve/CVE-2019-11339.html https://www.suse.com/security/cve/CVE-2019-15942.html https://bugzilla.suse.com/1100345 https://bugzilla.suse.com/1133123 https://bugzilla.suse.com/1133153 https://bugzilla.suse.com/1133155 https://bugzilla.suse.com/1149839 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org$downloadlink = get_field('download_link'); ?>