|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-1: CVE-2019-19721: vlc: off-by-one error in the DecodeBlock function in codec/sdl_image.c | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE Distribution | Reporter: | Robert Frohl <rfrohl> |
| Component: | Security | Assignee: | Dominique Leuenberger <dimstar> |
| Status: | RESOLVED INVALID | QA Contact: | Security Team bot <security-team> |
| Severity: | Minor | ||
| Priority: | P4 - Low | CC: | rfrohl |
| Version: | Leap 15.1 | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/259601/ | ||
| Whiteboard: | |||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
Robert Frohl
2020-05-19 07:59:36 UTC
still affects Leap 15.1, Tumbleweed and 15.2 are already on 3.0.10. (In reply to Robert Frohl from comment #1) > still affects Leap 15.1, Tumbleweed and 15.2 are already on 3.0.10. Leap 15.1 is at 3.0.9.2; according #c0 the issue is 'before 3.0.9'. Really affected? If yes, there is o issue in submitting 3.0.10 to Leap 15.1 as well That was the update to VLC 3.0.9.2 in 15.1:Update r2 | maintenance-robot | 2020-04-23 08:12:37 | e1cd5e55cddf8cc6c6ddd46aec1fe910 | unknown | rq795340 Set link to vlc.12355 via maintenance_release request (In reply to Dominique Leuenberger from comment #2) > (In reply to Robert Frohl from comment #1) > > still affects Leap 15.1, Tumbleweed and 15.2 are already on 3.0.10. > > Leap 15.1 is at 3.0.9.2; according #c0 the issue is 'before 3.0.9'. Really > affected? If yes, there is o issue in submitting 3.0.10 to Leap 15.1 as well you are correct, I checked the GA codestream by accident. closing |