{"affected":[{"ecosystem_specific":{"binaries":[{"ffmpeg":"3.4.2-11.17.1","ffmpeg-private-devel":"3.4.2-11.17.1","libavcodec-devel":"3.4.2-11.17.1","libavcodec57":"3.4.2-11.17.1","libavcodec57-32bit":"3.4.2-11.17.1","libavdevice-devel":"3.4.2-11.17.1","libavdevice57":"3.4.2-11.17.1","libavdevice57-32bit":"3.4.2-11.17.1","libavfilter-devel":"3.4.2-11.17.1","libavfilter6":"3.4.2-11.17.1","libavfilter6-32bit":"3.4.2-11.17.1","libavformat-devel":"3.4.2-11.17.1","libavformat57":"3.4.2-11.17.1","libavformat57-32bit":"3.4.2-11.17.1","libavresample-devel":"3.4.2-11.17.1","libavresample3":"3.4.2-11.17.1","libavresample3-32bit":"3.4.2-11.17.1","libavutil-devel":"3.4.2-11.17.1","libavutil55":"3.4.2-11.17.1","libavutil55-32bit":"3.4.2-11.17.1","libpostproc-devel":"3.4.2-11.17.1","libpostproc54":"3.4.2-11.17.1","libpostproc54-32bit":"3.4.2-11.17.1","libswresample-devel":"3.4.2-11.17.1","libswresample2":"3.4.2-11.17.1","libswresample2-32bit":"3.4.2-11.17.1","libswscale-devel":"3.4.2-11.17.1","libswscale4":"3.4.2-11.17.1","libswscale4-32bit":"3.4.2-11.17.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.3","name":"ffmpeg","purl":"pkg:rpm/opensuse/ffmpeg&distro=openSUSE%20Leap%2015.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.4.2-11.17.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for ffmpeg fixes the following issues:\n\n- CVE-2021-3566: Fixed information leak (bsc#1189166).\n- CVE-2021-38093: Fixed integer overflow vulnerability in filter_robert() (bsc#1190734)\n- CVE-2021-38092: Fixed integer overflow vulnerability in filter_prewitt() (bsc#1190733)\n- CVE-2021-38094: Fixed integer overflow vulnerability in filter_sobel() (bsc#1190735)\n- CVE-2020-22037: Fixed denial of service vulnerability caused by memory leak in avcodec_alloc_context3() (bsc#1186756)\n- CVE-2020-35965: Fixed out-of-bounds write in decode_frame() (bsc#1187852)\n- CVE-2020-20892: Fixed an issue with filter_frame() (bsc#1190719)\n- CVE-2020-20891: Fixed a buffer overflow vulnerability in config_input() (bsc#1190718)\n- CVE-2020-20895: Fixed a buffer overflow vulnerability in function filter_vertically_##name (bsc#1190722)\n- CVE-2020-20896: Fixed an issue with latm_write_packet() (bsc#1190723)\n- CVE-2020-20899: Fixed a buffer overflow vulnerability in config_props() (bsc#1190726)\n- CVE-2020-20902: Fixed an out-of-bounds read vulnerabilit long_term_filter() (bsc#1190729)\n","id":"openSUSE-SU-2021:3521-1","modified":"2021-10-26T13:39:27Z","published":"2021-10-26T13:39:27Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HVCB2YATP2LRWUBIGFYZQUFV52VSFT2B/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1186756"},{"type":"REPORT","url":"https://bugzilla.suse.com/1187852"},{"type":"REPORT","url":"https://bugzilla.suse.com/1189166"},{"type":"REPORT","url":"https://bugzilla.suse.com/1190718"},{"type":"REPORT","url":"https://bugzilla.suse.com/1190719"},{"type":"REPORT","url":"https://bugzilla.suse.com/1190722"},{"type":"REPORT","url":"https://bugzilla.suse.com/1190723"},{"type":"REPORT","url":"https://bugzilla.suse.com/1190726"},{"type":"REPORT","url":"https://bugzilla.suse.com/1190729"},{"type":"REPORT","url":"https://bugzilla.suse.com/1190733"},{"type":"REPORT","url":"https://bugzilla.suse.com/1190734"},{"type":"REPORT","url":"https://bugzilla.suse.com/1190735"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-20891"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-20892"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-20895"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-20896"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-20899"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-20902"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-22037"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-35965"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3566"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-38092"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-38093"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-38094"}],"related":["CVE-2020-20891","CVE-2020-20892","CVE-2020-20895","CVE-2020-20896","CVE-2020-20899","CVE-2020-20902","CVE-2020-22037","CVE-2020-35965","CVE-2021-3566","CVE-2021-38092","CVE-2021-38093","CVE-2021-38094"],"summary":"Security update for ffmpeg","upstream":["CVE-2020-20891","CVE-2020-20892","CVE-2020-20895","CVE-2020-20896","CVE-2020-20899","CVE-2020-20902","CVE-2020-22037","CVE-2020-35965","CVE-2021-3566","CVE-2021-38092","CVE-2021-38093","CVE-2021-38094"]}