openSUSE-SU-2021:0121-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2021:0121-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2021:0121-1
Related
Published
2021-01-19T17:24:42Z
Modified
2021-01-19T17:24:42Z
Summary
Security update for vlc
Details

This update for vlc fixes the following issues:

Update to 3.0.11.1:

  • CVE-2020-13428: Fixed heap-based buffer overflow in the hxxxAnnexBto_xVC () (boo#1172727)
  • CVE-2020-26664: Fixed heap-based buffer overflow in EbmlTypeDispatcher:send () (boo#1180755)

This update was imported from the openSUSE:Leap:15.1:Update update project.

References

Affected packages

SUSE:Package Hub 15 SP1 / vlc

Package

Name
vlc
Purl
purl:rpm/suse/vlc&distro=SUSE%20Package%20Hub%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.11.1-bp151.5.12.1

Ecosystem specific

{
    "binaries": [
        {
            "libvlccore9": "3.0.11.1-bp151.5.12.1",
            "vlc-jack": "3.0.11.1-bp151.5.12.1",
            "vlc-codec-gstreamer": "3.0.11.1-bp151.5.12.1",
            "vlc": "3.0.11.1-bp151.5.12.1",
            "vlc-devel": "3.0.11.1-bp151.5.12.1",
            "vlc-vdpau": "3.0.11.1-bp151.5.12.1",
            "vlc-qt": "3.0.11.1-bp151.5.12.1",
            "vlc-lang": "3.0.11.1-bp151.5.12.1",
            "vlc-noX": "3.0.11.1-bp151.5.12.1",
            "vlc-opencv": "3.0.11.1-bp151.5.12.1",
            "libvlc5": "3.0.11.1-bp151.5.12.1"
        }
    ]
}