[openSUSE-SU-2023:0365-1] Security update for vlc
Severity
Moderate
Affected Packages
62
CVEs
2
Security update for vlc
This update for vlc fixes the following issues:
Update to version 3.0.20:
- Video Output:
- Fix green line in fullscreen in D3D11 video output
- Fix crash with some AMD drivers old versions
- Fix events propagation issue when double-clicking with mouse wheel
- Decoders:
- Fix crash when AV1 hardware decoder fails
- Interface:
- Fix annoying disappearance of the Windows fullscreen controller
- Demuxers:
- Fix potential security issue (OOB Write) on MMS:// by checking user size bounds
Update to version 3.0.19:
- Core:
- Fix next-frame freezing in most scenarios
- Demux:
- Support RIFF INFO tags for Wav files
- Fix AVI files with flipped RAW video planes
- Fix duration on short and small Ogg/Opus files
- Fix some HLS/TS streams with ID3 prefix
- Fix some HLS playlist refresh drift
- Fix for GoPro MAX spatial metadata
- Improve FFmpeg-muxed MP4 chapters handling
- Improve playback for QNap-produced AVI files
- Improve playback of some old RealVideo files
- Fix duration probing on some MP4 with missing information
- Decoders:
- Multiple fixes on AAC handling
- Activate hardware decoding of AV1 on Windows (DxVA)
- Improve AV1 HDR support with software decoding
- Fix some AV1 GBRP streams, AV1 super-resolution streams and monochrome ones
- Fix black screen on poorly edited MP4 files on Android Mediacodec
- Fix rawvid video in NV12
- Fix several issues on Windows hardware decoding (including 'too large resolution in DxVA')
- Improve crunchyroll-produced SSA rendering
- Video Output:
- Super Resolution scaling with nVidia and Intel GPUs
- Fix for an issue when cropping on Direct3D9
- Multiple fixes for hardware decoding on D3D11 and OpenGL interop
- Fix an issue when playing -90°rotated video
- Fix subtitles rendering blur on recent macOS
- Input:
- Improve SMB compatibility with Windows 11 hosts
- Contribs:
- Update of fluidlite, fixing some MIDI rendering on Windows
- Update of zlib to 1.2.13 (CVE-2022-37434)
- Update of FFmpeg, vpx (CVE-2023-5217), ebml, dav1d, libass
- Misc:
- Improve muxing timestamps in a few formats (reset to 0)
- Fix some rendering issues on Linux with the fullscreen controller
- Fix GOOM visualization
- Fixes for Youtube playback
- Fix some MPRIS inconsistencies that broke some OS widgets on Linux
- Implement MPRIS TrackList signals
- Fix opening files in read-only mode
- Fix password search using the Kwallet backend
- Fix some crashes on macOS when switching application
- Fix 5.1/7.1 output on macOS and tvOS
- Fix several crashes and bugs in the macOS preferences panel
- Improvements on the threading of the MMDevice audio output on Windows
- Fix a potential security issue on the uninstaller DLLs
- Fix memory leaks when using the media_list_player libVLC APIs
- Translations:
- Update of most translations
- New translations to Esperanto, Interlingue, Lao, Macedonian, Burmese, Odia, Samoan and Swahili
- ID
- openSUSE-SU-2023:0365-1
- Severity
- moderate
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4PHTZYGRNV6PDZMHUALPCK2YD6IRL3XD/
- Published
-
2023-11-12T13:00:59
(10 months ago) - Modified
-
2023-11-12T13:00:59
(10 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2022-1650
-
ALAS2-2022-1849
-
ALAS2-2023-2074
-
ALPINE:CVE-2022-37434
-
ALPINE:CVE-2023-5217
-
ALSA-2022:7106
-
ALSA-2022:7314
-
ALSA-2022:7793
-
ALSA-2022:8291
-
ALSA-2023:5434
-
ALSA-2023:5435
-
ALSA-2023:5537
-
ALSA-2023:5539
-
CISA-2023:1002
-
DSA-5218-1
-
DSA-5508-1
-
DSA-5509-1
-
DSA-5510-1
-
DSA-5513-1
-
ELSA-2022-7106
-
ELSA-2022-7314
-
ELSA-2022-7793
-
ELSA-2022-8291
-
ELSA-2022-9987
-
ELSA-2022-9988
-
ELSA-2023-1095
-
ELSA-2023-5428
-
ELSA-2023-5433
-
ELSA-2023-5434
-
ELSA-2023-5435
-
ELSA-2023-5475
-
ELSA-2023-5477
-
ELSA-2023-5537
-
ELSA-2023-5539
-
FEDORA-2022-0b517a5397
-
FEDORA-2022-15da0cf165
-
FEDORA-2022-25e4dbedf9
-
FEDORA-2022-3c28ae0cd8
-
FEDORA-2022-b8232d1cca
-
FEDORA-2023-0cd03c3746
-
FEDORA-2023-10ff82e497
-
FEDORA-2023-bbb8d72c6f
-
FEDORA-2023-c890266d3f
-
FEDORA-2023-c896cf87db
-
FEDORA-2023-d66a01ad4f
-
FEDORA-2023-f696934fbf
-
FREEBSD:2BCD6BA4-D8E2-42E5-9033-B50B722821FB
-
FREEBSD:6D9C6AAE-5EB1-11EE-8290-A8A1599412C6
-
FREEBSD:A1323A76-28F1-11ED-A72A-002590C1F29C
-
FREEBSD:F504A8D2-E105-11ED-85F6-84A93843EB75
-
GLSA-202210-42
-
GLSA-202310-04
-
GLSA-202401-34
-
MFSA-2023-44
-
MS:CVE-2022-37434
-
MS:CVE-2023-5217
-
NPM:GHSA-QQVQ-6XGJ-JW8G
-
openSUSE-SU-2022:2947-1
-
openSUSE-SU-2023:0277-1
-
openSUSE-SU-2023:0297-1
-
openSUSE-SU-2023:0298-1
-
openSUSE-SU-2023:0366-1
-
RHSA-2022:7106
-
RHSA-2022:7314
-
RHSA-2022:7793
-
RHSA-2022:8291
-
RHSA-2023:1095
-
RHSA-2023:5428
-
RHSA-2023:5433
-
RHSA-2023:5434
-
RHSA-2023:5435
-
RHSA-2023:5475
-
RHSA-2023:5477
-
RHSA-2023:5537
-
RHSA-2023:5539
-
RLSA-2022:7106
-
RLSA-2022:7793
-
RLSA-2022:8291
-
RLSA-2023:5428
-
RLSA-2023:5435
-
SSA:2022-288-01
-
SSA:2023-271-01
-
SSA:2023-273-01
-
SSA:2023-273-02
-
SUSE-SU-2022:2845-1
-
SUSE-SU-2022:2846-1
-
SUSE-SU-2022:2847-1
-
SUSE-SU-2022:2947-1
-
SUSE-SU-2023:3940-1
-
SUSE-SU-2023:3941-1
-
SUSE-SU-2023:3946-1
-
SUSE-SU-2023:3948-1
-
SUSE-SU-2023:3949-1
-
SUSE-SU-2023:3950-1
-
SUSE-SU-2023:4016-1
-
USN-5570-1
-
USN-5570-2
-
USN-5573-1
-
USN-6403-1
-
USN-6403-2
-
USN-6403-3
-
USN-6404-1
-
USN-6405-1
-
USN-6736-1
-
USN-6736-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for openSUSE-SU-2023:0365-1 |
|
|
| Suse | E-Mail link for openSUSE-SU-2023:0365-1 |
|
|
| CVE | SUSE CVE CVE-2022-37434 page |
|
|
| CVE | SUSE CVE CVE-2023-5217 page |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/opensuse/vlc?arch=x86_64&distro=opensuse-leap-15.4 | opensuse |
 vlc
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse |
vlc
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc?arch=aarch64&distro=opensuse-leap-15.4 | opensuse |
vlc
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc-vdpau?arch=x86_64&distro=opensuse-leap-15.4 | opensuse |
vlc-vdpau
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc-vdpau?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-vdpau
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc-vdpau?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse |
vlc-vdpau
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc-vdpau?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-vdpau
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc-vdpau?arch=aarch64&distro=opensuse-leap-15.4 | opensuse |
vlc-vdpau
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc-vdpau?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-vdpau
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc-qt?arch=x86_64&distro=opensuse-leap-15.4 | opensuse |
vlc-qt
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc-qt?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-qt
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc-qt?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse |
vlc-qt
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc-qt?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-qt
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc-qt?arch=aarch64&distro=opensuse-leap-15.4 | opensuse |
vlc-qt
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc-qt?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-qt
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc-opencv?arch=x86_64&distro=opensuse-leap-15.4 | opensuse |
vlc-opencv
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc-opencv?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-opencv
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc-opencv?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse |
vlc-opencv
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc-opencv?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-opencv
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc-opencv?arch=aarch64&distro=opensuse-leap-15.4 | opensuse |
vlc-opencv
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc-opencv?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-opencv
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc-noX?arch=x86_64&distro=opensuse-leap-15.4 | opensuse |
vlc-noX
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc-noX?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-noX
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc-noX?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse |
vlc-noX
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc-noX?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-noX
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc-noX?arch=aarch64&distro=opensuse-leap-15.4 | opensuse |
vlc-noX
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc-noX?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-noX
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc-lang?arch=noarch&distro=opensuse-leap-15.4 | opensuse |
vlc-lang
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | noarch | |
| Affected | pkg:rpm/opensuse/vlc-lang?arch=noarch&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-lang
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | noarch | |
| Affected | pkg:rpm/opensuse/vlc-jack?arch=x86_64&distro=opensuse-leap-15.4 | opensuse |
vlc-jack
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc-jack?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-jack
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc-jack?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse |
vlc-jack
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc-jack?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-jack
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc-jack?arch=aarch64&distro=opensuse-leap-15.4 | opensuse |
vlc-jack
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc-jack?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-jack
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc-devel?arch=x86_64&distro=opensuse-leap-15.4 | opensuse |
vlc-devel
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc-devel?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-devel
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc-devel?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse |
vlc-devel
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc-devel?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-devel
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc-devel?arch=aarch64&distro=opensuse-leap-15.4 | opensuse |
vlc-devel
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc-devel?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-devel
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc-codec-gstreamer?arch=x86_64&distro=opensuse-leap-15.4 | opensuse |
vlc-codec-gstreamer
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc-codec-gstreamer?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-codec-gstreamer
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
| Affected | pkg:rpm/opensuse/vlc-codec-gstreamer?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse |
vlc-codec-gstreamer
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc-codec-gstreamer?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-codec-gstreamer
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
| Affected | pkg:rpm/opensuse/vlc-codec-gstreamer?arch=aarch64&distro=opensuse-leap-15.4 | opensuse |
vlc-codec-gstreamer
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/opensuse/vlc-codec-gstreamer?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse |
vlc-codec-gstreamer
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
| Affected | pkg:rpm/opensuse/libvlccore9?arch=x86_64&distro=opensuse-leap-15.4 | opensuse |
libvlccore9
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/opensuse/libvlccore9?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse |
libvlccore9
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
| Affected | pkg:rpm/opensuse/libvlccore9?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse |
libvlccore9
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/opensuse/libvlccore9?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse |
libvlccore9
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
| Affected | pkg:rpm/opensuse/libvlccore9?arch=aarch64&distro=opensuse-leap-15.4 | opensuse |
libvlccore9
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/opensuse/libvlccore9?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse |
libvlccore9
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
| Affected | pkg:rpm/opensuse/libvlc5?arch=x86_64&distro=opensuse-leap-15.4 | opensuse |
libvlc5
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/opensuse/libvlc5?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse |
libvlc5
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
| Affected | pkg:rpm/opensuse/libvlc5?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse |
libvlc5
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/opensuse/libvlc5?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse |
libvlc5
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
| Affected | pkg:rpm/opensuse/libvlc5?arch=aarch64&distro=opensuse-leap-15.4 | opensuse |
libvlc5
|
< 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/opensuse/libvlc5?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse |
libvlc5
|
< 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |