{"affected":[{"ecosystem_specific":{"binaries":[{"aom-tools":"1.0.0-bp150.2.1","libaom-devel":"1.0.0-bp150.2.1","libaom-devel-doc":"1.0.0-bp150.2.1","libaom0":"1.0.0-bp150.2.1","libaom0-64bit":"1.0.0-bp150.2.1","libvlc5":"3.0.7.1-bp150.2.6.1","libvlccore9":"3.0.7.1-bp150.2.6.1","vlc":"3.0.7.1-bp150.2.6.1","vlc-codec-gstreamer":"3.0.7.1-bp150.2.6.1","vlc-devel":"3.0.7.1-bp150.2.6.1","vlc-jack":"3.0.7.1-bp150.2.6.1","vlc-lang":"3.0.7.1-bp150.2.6.1","vlc-noX":"3.0.7.1-bp150.2.6.1","vlc-qt":"3.0.7.1-bp150.2.6.1","vlc-vdpau":"3.0.7.1-bp150.2.6.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15","name":"libaom","purl":"pkg:rpm/suse/libaom&distro=SUSE%20Package%20Hub%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.0.0-bp150.2.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"aom-tools":"1.0.0-bp150.2.1","libaom-devel":"1.0.0-bp150.2.1","libaom-devel-doc":"1.0.0-bp150.2.1","libaom0":"1.0.0-bp150.2.1","libaom0-64bit":"1.0.0-bp150.2.1","libvlc5":"3.0.7.1-bp150.2.6.1","libvlccore9":"3.0.7.1-bp150.2.6.1","vlc":"3.0.7.1-bp150.2.6.1","vlc-codec-gstreamer":"3.0.7.1-bp150.2.6.1","vlc-devel":"3.0.7.1-bp150.2.6.1","vlc-jack":"3.0.7.1-bp150.2.6.1","vlc-lang":"3.0.7.1-bp150.2.6.1","vlc-noX":"3.0.7.1-bp150.2.6.1","vlc-qt":"3.0.7.1-bp150.2.6.1","vlc-vdpau":"3.0.7.1-bp150.2.6.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15","name":"vlc","purl":"pkg:rpm/suse/vlc&distro=SUSE%20Package%20Hub%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.0.7.1-bp150.2.6.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for vlc to version 3.0.7.1 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-5439: Fixed a buffer overflow (bsc#1138354).\n- CVE-2019-5459: Fixed an integer underflow (bsc#1143549).\n- CVE-2019-5460: Fixed a double free (bsc#1143547).\n- CVE-2019-12874: Fixed a double free in zlib_decompress_extra in modules/demux/mkv/util.cpp (bsc#1138933).\n- CVE-2019-13602: Fixed an integer underflow in mp4 demuxer (boo#1141522).\n- CVE-2019-13962: Fixed a heap-based buffer over-read in avcodec (boo#1142161).\n\nNon-security issues fixed:\n\n- Video Output:\n  * Fix hardware acceleration with some AMD drivers\n  * Improve direct3d11 HDR support\n- Access:\n  * Improve Blu-ray support\n- Audio output:\n  * Fix pass-through on Android-23\n  * Fix DirectSound drain\n- Demux: Improve MP4 support\n- Video Output:\n  * Fix 12 bits sources playback with Direct3D11\n  * Fix crash on iOS\n  * Fix midstream aspect-ratio changes when Windows hardware decoding is on\n  * Fix HLG display with Direct3D11\n- Stream Output: Improve Chromecast support with new ChromeCast apps\n- Misc:\n  * Update Youtube, Dailymotion, Vimeo, Soundcloud scripts\n  * Work around busy looping when playing an invalid item with loop enabled\n- Updated translations.\n\nNew package libaom:\n  * Initial version 1.0.0\n  * A library for AOMedia Video 1 (AV1), an open, royalty-free video coding format\n    designed for video transmissions over the Internet.\n\n\nThis update was imported from the openSUSE:Leap:15.0:Update update project.","id":"openSUSE-SU-2019:2015-1","modified":"2019-08-26T14:22:46Z","published":"2019-08-26T14:22:46Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RNBI5GJAXU5KVZYP22ZO47MDJGB63ZQK/#RNBI5GJAXU5KVZYP22ZO47MDJGB63ZQK"},{"type":"REPORT","url":"https://bugzilla.suse.com/1093732"},{"type":"REPORT","url":"https://bugzilla.suse.com/1094893"},{"type":"REPORT","url":"https://bugzilla.suse.com/1118586"},{"type":"REPORT","url":"https://bugzilla.suse.com/1133290"},{"type":"REPORT","url":"https://bugzilla.suse.com/1138354"},{"type":"REPORT","url":"https://bugzilla.suse.com/1138933"},{"type":"REPORT","url":"https://bugzilla.suse.com/1141522"},{"type":"REPORT","url":"https://bugzilla.suse.com/1142161"},{"type":"REPORT","url":"https://bugzilla.suse.com/1143547"},{"type":"REPORT","url":"https://bugzilla.suse.com/1143549"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-19857"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-12874"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13602"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13962"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5439"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5459"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5460"}],"related":["CVE-2018-19857","CVE-2019-12874","CVE-2019-13602","CVE-2019-13962","CVE-2019-5439","CVE-2019-5459","CVE-2019-5460"],"summary":"Security update for vlc","upstream":["CVE-2018-19857","CVE-2019-12874","CVE-2019-13602","CVE-2019-13962","CVE-2019-5439","CVE-2019-5459","CVE-2019-5460"]}