openSUSE-SU-2021:0091-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2021:0091-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2021:0091-1
Related
Published
2021-01-16T18:54:28Z
Modified
2021-01-16T18:54:28Z
Summary
Security update for vlc
Details

This update for vlc fixes the following issues:

Update to 3.0.11.1:

  • CVE-2020-13428: Fixed heap-based buffer overflow in the hxxxAnnexBto_xVC () (boo#1172727)
  • CVE-2020-26664: Fixed heap-based buffer overflow in EbmlTypeDispatcher:send () (boo#1180755)
References

Affected packages

openSUSE:Leap 15.2 / vlc

Package

Name
vlc
Purl
purl:rpm/suse/vlc&distro=openSUSE%20Leap%2015.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.11.1-lp152.2.9.1

Ecosystem specific

{
    "binaries": [
        {
            "libvlccore9": "3.0.11.1-lp152.2.9.1",
            "vlc-jack": "3.0.11.1-lp152.2.9.1",
            "vlc-codec-gstreamer": "3.0.11.1-lp152.2.9.1",
            "vlc": "3.0.11.1-lp152.2.9.1",
            "vlc-devel": "3.0.11.1-lp152.2.9.1",
            "vlc-vdpau": "3.0.11.1-lp152.2.9.1",
            "vlc-qt": "3.0.11.1-lp152.2.9.1",
            "vlc-lang": "3.0.11.1-lp152.2.9.1",
            "vlc-noX": "3.0.11.1-lp152.2.9.1",
            "vlc-opencv": "3.0.11.1-lp152.2.9.1",
            "libvlc5": "3.0.11.1-lp152.2.9.1"
        }
    ]
}