Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

openSUSE 15.1: 2020:0562-1 Moderate: vlc Buffer Overflow Fix

opensuse
Calendar Grey April 29, 2020
Dist Opensuse Esm H88
An update for the VLC player addresses 12 vulnerabilities and improves video playback quality. Discover more about the modifications and how to install them.
An update that fixes 12 vulnerabilities is now available.

Description

This update for vlc fixes the following issues:

vlc was updated to version 3.0.9.2:

+ Misc: Properly bump the version in configure.ac.

Changes from version 3.0.9.1:

+ Misc: Fix VLSub returning 401 for earch request.

Changes from version 3.0.9:

+ Core: Work around busy looping when playing an invalid item through VLM.

+ Access:

* Multiple dvdread and dvdnav crashs fixes

* Fixed DVD glitches on clip change

* Fixed dvdread commands/data sequence inversion in some cases causing

unwanted glitches

* Better handling of authored as corrupted DVD

* Added libsmb2 support for SMB2/3 shares

+ Demux:

* Fix TTML entities not passed to decoder

* Fixed some WebVTT styling tags being not applied

* Misc raw H264/HEVC frame rate fixes

* Fix adaptive regression on TS format change (mostly HLS)

* Fixed MP4 regression with twos/sowt PCM audio

* Fixed some MP4 raw quicktime and ms-PCM audio

* Fixed MP4...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate buffer overflow patch multimedia vlc openSUSE

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP1:

zypper in -t patch openSUSE-2020-562=1

Package List

- openSUSE Backports SLE-15-SP1 (x86_64):

libvlc5-3.0.9.2-bp151.5.6.1

libvlccore9-3.0.9.2-bp151.5.6.1

vlc-3.0.9.2-bp151.5.6.1

vlc-codec-gstreamer-3.0.9.2-bp151.5.6.1

vlc-devel-3.0.9.2-bp151.5.6.1

vlc-jack-3.0.9.2-bp151.5.6.1

vlc-noX-3.0.9.2-bp151.5.6.1

vlc-opencv-3.0.9.2-bp151.5.6.1

vlc-qt-3.0.9.2-bp151.5.6.1

vlc-vdpau-3.0.9.2-bp151.5.6.1

- openSUSE Backports SLE-15-SP1 (noarch):

vlc-lang-3.0.9.2-bp151.5.6.1

References

https://www.suse.com/security/cve/CVE-2019-13602.html

https://www.suse.com/security/cve/CVE-2019-13962.html

https://www.suse.com/security/cve/CVE-2019-14437.html

https://www.suse.com/security/cve/CVE-2019-14438.html

https://www.suse.com/security/cve/CVE-2019-14498.html

https://www.suse.com/security/cve/CVE-2019-14533.html

https://www.suse.com/security/cve/CVE-2019-14534.html

https://www.suse.com/security/cve/CVE-2019-14535.html

https://www.suse.com/security/cve/CVE-2019-14776.html

https://www.suse.com/security/cve/CVE-2019-14777.html

https://www.suse.com/security/cve/CVE-2019-14778.html

https://www.suse.com/security/cve/CVE-2019-14970.html

https://bugzilla.suse.com/1142161

https://bugzilla.suse.com/1146428

--

Announcement ID: openSUSE-SU-2020:0562-1
Rating: moderate
Affected Products: openSUSE Backports SLE-15-SP1

Topics%20covered

Topics Covered

security advisory moderate buffer overflow patch multimedia vlc openSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here