Alerts This Week
Warning Icon 1 815
Alerts This Week
Warning Icon 1 815

openSUSE ffmpeg-4 Important Security Update Advisory 2026-20855-1

opensuse
Calendar Grey June 2, 2026
Dist Opensuse Esm H88
Critical updates for ffmpeg-4 on openSUSE addressing 7 risks and bugs. Immediate action is recommended for system safety.
An update that solves 7 vulnerabilities and has 4 bug fixes can now be installed.

Description

This update for ffmpeg-4 fixes the following issues:

Changes in ffmpeg-4:

- Add check for the return value of av_malloc_array() to avoid potential NULL pointer dereference. (CVE-2025-10256, bsc#1249431)

- Update to version 4.4.7:

* Codecs, filters and other various bugfixes

* aacenc_tns: clamp filter direction energy measurement. (CVE-2025-1594, bsc#1237561)

* avcodec/jpeg2000dec: implement cdef remapping during pixel format matching. (CVE-2025-9951, bsc#1249393)

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-packagehub-285=1

Topics%20covered

Topics Covered

security advisory important OpenSUSE potential risk remotely exploitable ffmpeg-4

Patch

Package List

- openSUSE Leap 16.0:

ffmpeg-4-4.4.7-bp160.1.1

ffmpeg-4-libavcodec-devel-4.4.7-bp160.1.1

ffmpeg-4-libavdevice-devel-4.4.7-bp160.1.1

ffmpeg-4-libavfilter-devel-4.4.7-bp160.1.1

ffmpeg-4-libavformat-devel-4.4.7-bp160.1.1

ffmpeg-4-libavresample-devel-4.4.7-bp160.1.1

ffmpeg-4-libavutil-devel-4.4.7-bp160.1.1

ffmpeg-4-libpostproc-devel-4.4.7-bp160.1.1

ffmpeg-4-libswresample-devel-4.4.7-bp160.1.1

ffmpeg-4-libswscale-devel-4.4.7-bp160.1.1

ffmpeg-4-private-devel-4.4.7-bp160.1.1

libavcodec58_134-4.4.7-bp160.1.1

libavdevice58_13-4.4.7-bp160.1.1

libavfilter7_110-4.4.7-bp160.1.1

libavformat58_76-4.4.7-bp160.1.1

libavresample4_0-4.4.7-bp160.1.1

libavutil56_70-4.4.7-bp160.1.1

libpostproc55_9-4.4.7-bp160.1.1

libswresample3_9-4.4.7-bp160.1.1

libswscale5_9-4.4.7-bp160.1.1

References

* bsc#1234030

* bsc#1237561

* bsc#1249393

* bsc#1249431

References:

* https://www.suse.com/security/cve/CVE-2024-35366.html

* https://www.suse.com/security/cve/CVE-2024-35368.html

* https://www.suse.com/security/cve/CVE-2024-36618.html

* https://www.suse.com/security/cve/CVE-2025-10256.html

* https://www.suse.com/security/cve/CVE-2025-1594.html

* https://www.suse.com/security/cve/CVE-2025-59728.html

* https://www.suse.com/security/cve/CVE-2025-9951.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:20855-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Topics%20covered

Topics Covered

security advisory important OpenSUSE potential risk remotely exploitable ffmpeg-4

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here