|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-1: CVE-2019-13962: vlc: lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height. | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE Distribution | Reporter: | Marcus Meissner <meissner> |
| Component: | Other | Assignee: | Security Team bot <security-team> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Minor | ||
| Priority: | P4 - Low | ||
| Version: | Leap 42.3 | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/237689/ | ||
| Whiteboard: | |||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
Marcus Meissner
2019-07-19 08:41:49 UTC
This is an autogenerated message for OBS integration: This bug (1142161) was mentioned in https://build.opensuse.org/request/show/719998 15.1 / vlc https://build.opensuse.org/request/show/719999 15.0 / vlc openSUSE-SU-2019:1840-1: An update that fixes 7 vulnerabilities is now available. Category: security (important) Bug References: 1118586,1138354,1138933,1141522,1142161,1143547,1143549 CVE References: CVE-2018-19857,CVE-2019-12874,CVE-2019-13602,CVE-2019-13962,CVE-2019-5439,CVE-2019-5459,CVE-2019-5460 Sources used: openSUSE Leap 15.1 (src): vlc-3.0.7.1-lp151.6.3.1 openSUSE-SU-2019:1897-1: An update that fixes 7 vulnerabilities is now available. Category: security (important) Bug References: 1118586,1138354,1138933,1141522,1142161,1143547,1143549 CVE References: CVE-2018-19857,CVE-2019-12874,CVE-2019-13602,CVE-2019-13962,CVE-2019-5439,CVE-2019-5459,CVE-2019-5460 Sources used: openSUSE Backports SLE-15-SP1 (src): vlc-3.0.7.1-bp151.5.3.3 openSUSE-SU-2019:1909-1: An update that solves 7 vulnerabilities and has three fixes is now available. Category: security (important) Bug References: 1093732,1094893,1118586,1133290,1138354,1138933,1141522,1142161,1143547,1143549 CVE References: CVE-2018-19857,CVE-2019-12874,CVE-2019-13602,CVE-2019-13962,CVE-2019-5439,CVE-2019-5459,CVE-2019-5460 Sources used: openSUSE Leap 15.0 (src): libaom-1.0.0-lp150.2.1, vlc-3.0.7.1-lp150.8.1 openSUSE-SU-2019:2015-1: An update that solves 7 vulnerabilities and has three fixes is now available. Category: security (important) Bug References: 1093732,1094893,1118586,1133290,1138354,1138933,1141522,1142161,1143547,1143549 CVE References: CVE-2018-19857,CVE-2019-12874,CVE-2019-13602,CVE-2019-13962,CVE-2019-5439,CVE-2019-5459,CVE-2019-5460 Sources used: openSUSE Backports SLE-15 (src): libaom-1.0.0-bp150.2.1, vlc-3.0.7.1-bp150.2.6.1 Update has been released openSUSE-SU-2020:0545-1: An update that fixes 12 vulnerabilities is now available. Category: security (moderate) Bug References: 1142161,1146428 CVE References: CVE-2019-13602,CVE-2019-13962,CVE-2019-14437,CVE-2019-14438,CVE-2019-14498,CVE-2019-14533,CVE-2019-14534,CVE-2019-14535,CVE-2019-14776,CVE-2019-14777,CVE-2019-14778,CVE-2019-14970 Sources used: openSUSE Leap 15.1 (src): vlc-3.0.9.2-lp151.6.6.1 openSUSE-SU-2020:0562-1: An update that fixes 12 vulnerabilities is now available. Category: security (moderate) Bug References: 1142161,1146428 CVE References: CVE-2019-13602,CVE-2019-13962,CVE-2019-14437,CVE-2019-14438,CVE-2019-14498,CVE-2019-14533,CVE-2019-14534,CVE-2019-14535,CVE-2019-14776,CVE-2019-14777,CVE-2019-14778,CVE-2019-14970 Sources used: openSUSE Backports SLE-15-SP1 (src): vlc-3.0.9.2-bp151.5.6.1 |