Security update for vlc SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:1897-1 Final 1 1 2019-08-15T08:55:15Z current 2019-08-15T08:55:15Z 2019-08-15T08:55:15Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for vlc This update for vlc to version 3.0.7.1 fixes the following issues: Security issues fixed: - CVE-2019-5439: Fixed a buffer overflow (bsc#1138354). - CVE-2019-5459: Fixed an integer underflow (bsc#1143549). - CVE-2019-5460: Fixed a double free (bsc#1143547). - CVE-2019-12874: Fixed a double free in zlib_decompress_extra in modules/demux/mkv/util.cpp (bsc#1138933). - CVE-2019-13602: Fixed an integer underflow in mp4 demuxer (boo#1141522). - CVE-2019-13962: Fixed a heap-based buffer over-read in avcodec (boo#1142161). Non-security issues fixed: - Video Output: * Fix hardware acceleration with some AMD drivers * Improve direct3d11 HDR support - Access: * Improve Blu-ray support - Audio output: * Fix pass-through on Android-23 * Fix DirectSound drain - Demux: Improve MP4 support - Video Output: * Fix 12 bits sources playback with Direct3D11 * Fix crash on iOS * Fix midstream aspect-ratio changes when Windows hardware decoding is on * Fix HLG display with Direct3D11 - Stream Output: Improve Chromecast support with new ChromeCast apps - Misc: * Update Youtube, Dailymotion, Vimeo, Soundcloud scripts * Work around busy looping when playing an invalid item with loop enabled - Updated translations. This update was imported from the openSUSE:Leap:15.1:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2019-1897 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M/#BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M E-Mail link for openSUSE-SU-2019:1897-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1118586 SUSE Bug 1118586 https://bugzilla.suse.com/1138354 SUSE Bug 1138354 https://bugzilla.suse.com/1138933 SUSE Bug 1138933 https://bugzilla.suse.com/1141522 SUSE Bug 1141522 https://bugzilla.suse.com/1142161 SUSE Bug 1142161 https://bugzilla.suse.com/1143547 SUSE Bug 1143547 https://bugzilla.suse.com/1143549 SUSE Bug 1143549 https://www.suse.com/security/cve/CVE-2018-19857/ SUSE CVE CVE-2018-19857 page https://www.suse.com/security/cve/CVE-2019-12874/ SUSE CVE CVE-2019-12874 page https://www.suse.com/security/cve/CVE-2019-13602/ SUSE CVE CVE-2019-13602 page https://www.suse.com/security/cve/CVE-2019-13962/ SUSE CVE CVE-2019-13962 page https://www.suse.com/security/cve/CVE-2019-5439/ SUSE CVE CVE-2019-5439 page https://www.suse.com/security/cve/CVE-2019-5459/ SUSE CVE CVE-2019-5459 page https://www.suse.com/security/cve/CVE-2019-5460/ SUSE CVE CVE-2019-5460 page SUSE Package Hub 15 SP1 libvlc5-3.0.7.1-bp151.5.3.3 libvlccore9-3.0.7.1-bp151.5.3.3 vlc-3.0.7.1-bp151.5.3.3 vlc-codec-gstreamer-3.0.7.1-bp151.5.3.3 vlc-devel-3.0.7.1-bp151.5.3.3 vlc-jack-3.0.7.1-bp151.5.3.3 vlc-lang-3.0.7.1-bp151.5.3.3 vlc-noX-3.0.7.1-bp151.5.3.3 vlc-qt-3.0.7.1-bp151.5.3.3 vlc-vdpau-3.0.7.1-bp151.5.3.3 libvlc5-3.0.7.1-bp151.5.3.3 as a component of SUSE Package Hub 15 SP1 libvlccore9-3.0.7.1-bp151.5.3.3 as a component of SUSE Package Hub 15 SP1 vlc-3.0.7.1-bp151.5.3.3 as a component of SUSE Package Hub 15 SP1 vlc-codec-gstreamer-3.0.7.1-bp151.5.3.3 as a component of SUSE Package Hub 15 SP1 vlc-devel-3.0.7.1-bp151.5.3.3 as a component of SUSE Package Hub 15 SP1 vlc-jack-3.0.7.1-bp151.5.3.3 as a component of SUSE Package Hub 15 SP1 vlc-lang-3.0.7.1-bp151.5.3.3 as a component of SUSE Package Hub 15 SP1 vlc-noX-3.0.7.1-bp151.5.3.3 as a component of SUSE Package Hub 15 SP1 vlc-qt-3.0.7.1-bp151.5.3.3 as a component of SUSE Package Hub 15 SP1 vlc-vdpau-3.0.7.1-bp151.5.3.3 as a component of SUSE Package Hub 15 SP1 The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could result in a denial of service and/or a potential infoleak. CVE-2018-19857 SUSE Package Hub 15 SP1:libvlc5-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:libvlccore9-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-codec-gstreamer-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-devel-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-jack-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-lang-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-noX-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-qt-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-vdpau-3.0.7.1-bp151.5.3.3 moderate 6.4 AV:N/AC:L/Au:N/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M/#BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M https://www.suse.com/security/cve/CVE-2018-19857.html CVE-2018-19857 https://bugzilla.suse.com/1118586 SUSE Bug 1118586 An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free. CVE-2019-12874 SUSE Package Hub 15 SP1:libvlc5-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:libvlccore9-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-codec-gstreamer-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-devel-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-jack-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-lang-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-noX-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-qt-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-vdpau-3.0.7.1-bp151.5.3.3 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M/#BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M https://www.suse.com/security/cve/CVE-2019-12874.html CVE-2019-12874 https://bugzilla.suse.com/1138933 SUSE Bug 1138933 An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file. CVE-2019-13602 SUSE Package Hub 15 SP1:libvlc5-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:libvlccore9-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-codec-gstreamer-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-devel-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-jack-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-lang-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-noX-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-qt-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-vdpau-3.0.7.1-bp151.5.3.3 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M/#BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M https://www.suse.com/security/cve/CVE-2019-13602.html CVE-2019-13602 https://bugzilla.suse.com/1141522 SUSE Bug 1141522 https://bugzilla.suse.com/1146428 SUSE Bug 1146428 lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height. CVE-2019-13962 SUSE Package Hub 15 SP1:libvlc5-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:libvlccore9-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-codec-gstreamer-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-devel-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-jack-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-lang-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-noX-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-qt-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-vdpau-3.0.7.1-bp151.5.3.3 critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M/#BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M https://www.suse.com/security/cve/CVE-2019-13962.html CVE-2019-13962 https://bugzilla.suse.com/1142161 SUSE Bug 1142161 https://bugzilla.suse.com/1146428 SUSE Bug 1146428 A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit. CVE-2019-5439 SUSE Package Hub 15 SP1:libvlc5-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:libvlccore9-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-codec-gstreamer-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-devel-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-jack-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-lang-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-noX-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-qt-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-vdpau-3.0.7.1-bp151.5.3.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M/#BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M https://www.suse.com/security/cve/CVE-2019-5439.html CVE-2019-5439 https://bugzilla.suse.com/1138354 SUSE Bug 1138354 An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read. CVE-2019-5459 SUSE Package Hub 15 SP1:libvlc5-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:libvlccore9-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-codec-gstreamer-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-devel-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-jack-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-lang-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-noX-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-qt-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-vdpau-3.0.7.1-bp151.5.3.3 moderate 5.8 AV:N/AC:M/Au:N/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M/#BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M https://www.suse.com/security/cve/CVE-2019-5459.html CVE-2019-5459 https://bugzilla.suse.com/1143549 SUSE Bug 1143549 Double Free in VLC versions <= 3.0.6 leads to a crash. CVE-2019-5460 SUSE Package Hub 15 SP1:libvlc5-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:libvlccore9-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-codec-gstreamer-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-devel-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-jack-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-lang-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-noX-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-qt-3.0.7.1-bp151.5.3.3 SUSE Package Hub 15 SP1:vlc-vdpau-3.0.7.1-bp151.5.3.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M/#BZ6PVIORM3E3KCDWEJP6ZSJVHTRTXT2M https://www.suse.com/security/cve/CVE-2019-5460.html CVE-2019-5460 https://bugzilla.suse.com/1143547 SUSE Bug 1143547