This update for ffmpeg-7 fixes the following issues:
- CVE-2026-40962: inadequate CENC subsample bounds checks can lead to an integer overflow (bsc#1262237).
Changes for ffmpeg-7:
- Update to version 7.1.4:
* Codec, format, filter and various other bugfixes.
* lavc/aarch64: Fix addp overflow in ff_pred16x16_plane_neon_10
* swscale/output: Fix integer overflow in yuv2ya16_X_c_template()
* avformat/avformat: clear FFFormatContext packet queue when closing a muxer
Patch instructions:
To install this openSUSE security update, use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 16.0
zypper in -t patch openSUSE-Leap-16.0-1137=1
- openSUSE Leap 16.0:
ffmpeg-7-7.1.4-160000.1.1
ffmpeg-7-libavcodec-devel-7.1.4-160000.1.1
ffmpeg-7-libavdevice-devel-7.1.4-160000.1.1
ffmpeg-7-libavfilter-devel-7.1.4-160000.1.1
ffmpeg-7-libavformat-devel-7.1.4-160000.1.1
ffmpeg-7-libavutil-devel-7.1.4-160000.1.1
ffmpeg-7-libpostproc-devel-7.1.4-160000.1.1
ffmpeg-7-libswresample-devel-7.1.4-160000.1.1
ffmpeg-7-libswscale-devel-7.1.4-160000.1.1
libavcodec61-7.1.4-160000.1.1
libavdevice61-7.1.4-160000.1.1
libavfilter10-7.1.4-160000.1.1
libavformat61-7.1.4-160000.1.1
libavutil59-7.1.4-160000.1.1
libpostproc58-7.1.4-160000.1.1
libswresample5-7.1.4-160000.1.1
libswscale8-7.1.4-160000.1.1
* bsc#1220545
* bsc#1234030
* bsc#1237561
* bsc#1249393
* bsc#1249431
* bsc#1262237
References:
* https://www.suse.com/security/cve/CVE-2023-6601.html
* https://www.suse.com/security/cve/CVE-2024-35366.html
* https://www.suse.com/security/cve/CVE-2025-10256.html
* https://www.suse.com/security/cve/CVE-2025-1594.html
* https://www.suse.com/security/cve/CVE-2025-25473.html
* https://www.suse.com/security/cve/CVE-2025-9951.html
* https://www.suse.com/security/cve/CVE-2026-40962.html