Bug 1146428 - VUL-0: CVE-2019-14498, CVE-2019-14533, CVE-2019-14534, CVE-2019-14535, CVE-2019-14437, CVE-2019-14438, CVE-2019-14776, CVE-2019-14777, CVE-2019-14778: vlc: Multiple vulnerabilities in version 3.0.7.1 and earlier
VUL-0: CVE-2019-14498, CVE-2019-14533, CVE-2019-14534, CVE-2019-14535, CVE-20...
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 15.1
Other Other
: P3 - Medium : Normal (vote)
: ---
Assigned To: Dominique Leuenberger
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-08-20 15:52 UTC by Wolfgang Frisch
Modified: 2020-04-29 10:16 UTC (History)
5 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Wolfgang Frisch 2019-08-20 15:52:04 UTC
Summary           : Multiple vulnerabilities fixed in VLC media player
Date              : August 2019
Affected versions : VLC media player 3.0.7.1 and earlier for most issues
ID                : VideoLAN-SB-VLC-308
CVE references    : CVE-2019-13602, CVE-2019-13962, CVE-2019-14437, CVE-2019-14438, CVE-2019-14498, CVE-2019-14533, CVE-2019-14534, CVE-2019-14535, CVE-2019-14776, CVE-2019-14777, CVE-2019-14778, CVE-2019-14970

https://www.videolan.org/security/sb-vlc308.html

VLC media player 3.0.8 addresses the issues.
Comment 2 Marcus Meissner 2020-04-18 07:40:42 UTC
just accepted the update now
Comment 3 Swamp Workflow Management 2020-04-23 13:44:54 UTC
openSUSE-SU-2020:0545-1: An update that fixes 12 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1142161,1146428
CVE References: CVE-2019-13602,CVE-2019-13962,CVE-2019-14437,CVE-2019-14438,CVE-2019-14498,CVE-2019-14533,CVE-2019-14534,CVE-2019-14535,CVE-2019-14776,CVE-2019-14777,CVE-2019-14778,CVE-2019-14970
Sources used:
openSUSE Leap 15.1 (src):    vlc-3.0.9.2-lp151.6.6.1
Comment 4 Swamp Workflow Management 2020-04-29 10:16:07 UTC
openSUSE-SU-2020:0562-1: An update that fixes 12 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1142161,1146428
CVE References: CVE-2019-13602,CVE-2019-13962,CVE-2019-14437,CVE-2019-14438,CVE-2019-14498,CVE-2019-14533,CVE-2019-14534,CVE-2019-14535,CVE-2019-14776,CVE-2019-14777,CVE-2019-14778,CVE-2019-14970
Sources used:
openSUSE Backports SLE-15-SP1 (src):    vlc-3.0.9.2-bp151.5.6.1