Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

openSUSE Leap 15.1: 2020:0545-1 Moderate: VLC Buffer Overflow Issues

opensuse
Calendar Grey April 23, 2020
Dist Opensuse Esm H88
This Fedora patch fixes vulnerabilities in GIMP, improving reliability and functionality.
An update that fixes 12 vulnerabilities is now available.

Description

This update for vlc fixes the following issues:

vlc was updated to version 3.0.9.2:

+ Misc: Properly bump the version in configure.ac.

Changes from version 3.0.9.1:

+ Misc: Fix VLSub returning 401 for earch request.

Changes from version 3.0.9:

+ Core: Work around busy looping when playing an invalid item through VLM.

+ Access:

* Multiple dvdread and dvdnav crashs fixes

* Fixed DVD glitches on clip change

* Fixed dvdread commands/data sequence inversion in some cases causing

unwanted glitches

* Better handling of authored as corrupted DVD

* Added libsmb2 support for SMB2/3 shares

+ Demux:

* Fix TTML entities not passed to decoder

* Fixed some WebVTT styling tags being not applied

* Misc raw H264/HEVC frame rate fixes

* Fix adaptive regression on TS format change (mostly HLS)

* Fixed MP4 regression with twos/sowt PCM audio

* Fixed some MP4 raw quicktime and ms-PCM audio

* Fixed MP4...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate buffer overflow DoS vlc openSUSE read overflow

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-545=1

Package List

- openSUSE Leap 15.1 (noarch):

vlc-lang-3.0.9.2-lp151.6.6.1

- openSUSE Leap 15.1 (x86_64):

libvlc5-3.0.9.2-lp151.6.6.1

libvlc5-debuginfo-3.0.9.2-lp151.6.6.1

libvlccore9-3.0.9.2-lp151.6.6.1

libvlccore9-debuginfo-3.0.9.2-lp151.6.6.1

vlc-3.0.9.2-lp151.6.6.1

vlc-codec-gstreamer-3.0.9.2-lp151.6.6.1

vlc-codec-gstreamer-debuginfo-3.0.9.2-lp151.6.6.1

vlc-debuginfo-3.0.9.2-lp151.6.6.1

vlc-debugsource-3.0.9.2-lp151.6.6.1

vlc-devel-3.0.9.2-lp151.6.6.1

vlc-jack-3.0.9.2-lp151.6.6.1

vlc-jack-debuginfo-3.0.9.2-lp151.6.6.1

vlc-noX-3.0.9.2-lp151.6.6.1

vlc-noX-debuginfo-3.0.9.2-lp151.6.6.1

vlc-opencv-3.0.9.2-lp151.6.6.1

vlc-opencv-debuginfo-3.0.9.2-lp151.6.6.1

vlc-qt-3.0.9.2-lp151.6.6.1

vlc-qt-debuginfo-3.0.9.2-lp151.6.6.1

vlc-vdpau-3.0.9.2-lp151.6.6.1

vlc-vdpau-debuginfo-3.0.9.2-lp151.6.6.1

References

https://www.suse.com/security/cve/CVE-2019-13602.html

https://www.suse.com/security/cve/CVE-2019-13962.html

https://www.suse.com/security/cve/CVE-2019-14437.html

https://www.suse.com/security/cve/CVE-2019-14438.html

https://www.suse.com/security/cve/CVE-2019-14498.html

https://www.suse.com/security/cve/CVE-2019-14533.html

https://www.suse.com/security/cve/CVE-2019-14534.html

https://www.suse.com/security/cve/CVE-2019-14535.html

https://www.suse.com/security/cve/CVE-2019-14776.html

https://www.suse.com/security/cve/CVE-2019-14777.html

https://www.suse.com/security/cve/CVE-2019-14778.html

https://www.suse.com/security/cve/CVE-2019-14970.html

https://bugzilla.suse.com/1142161

https://bugzilla.suse.com/1146428

--

Announcement ID: openSUSE-SU-2020:0545-1
Rating: moderate
Affected Products: openSUSE Leap 15.1

Topics%20covered

Topics Covered

security advisory moderate buffer overflow DoS vlc openSUSE read overflow

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here