[openSUSE-SU-2023:0365-1] Security update for vlc
Severity
Moderate
Affected Packages
62
CVEs
2
Security update for vlc
This update for vlc fixes the following issues:
Update to version 3.0.20:
- Video Output:
- Fix green line in fullscreen in D3D11 video output
- Fix crash with some AMD drivers old versions
- Fix events propagation issue when double-clicking with mouse wheel
- Decoders:
- Fix crash when AV1 hardware decoder fails
- Interface:
- Fix annoying disappearance of the Windows fullscreen controller
- Demuxers:
- Fix potential security issue (OOB Write) on MMS:// by checking user size bounds
Update to version 3.0.19:
- Core:
- Fix next-frame freezing in most scenarios
- Demux:
- Support RIFF INFO tags for Wav files
- Fix AVI files with flipped RAW video planes
- Fix duration on short and small Ogg/Opus files
- Fix some HLS/TS streams with ID3 prefix
- Fix some HLS playlist refresh drift
- Fix for GoPro MAX spatial metadata
- Improve FFmpeg-muxed MP4 chapters handling
- Improve playback for QNap-produced AVI files
- Improve playback of some old RealVideo files
- Fix duration probing on some MP4 with missing information
- Decoders:
- Multiple fixes on AAC handling
- Activate hardware decoding of AV1 on Windows (DxVA)
- Improve AV1 HDR support with software decoding
- Fix some AV1 GBRP streams, AV1 super-resolution streams and monochrome ones
- Fix black screen on poorly edited MP4 files on Android Mediacodec
- Fix rawvid video in NV12
- Fix several issues on Windows hardware decoding (including 'too large resolution in DxVA')
- Improve crunchyroll-produced SSA rendering
- Video Output:
- Super Resolution scaling with nVidia and Intel GPUs
- Fix for an issue when cropping on Direct3D9
- Multiple fixes for hardware decoding on D3D11 and OpenGL interop
- Fix an issue when playing -90°rotated video
- Fix subtitles rendering blur on recent macOS
- Input:
- Improve SMB compatibility with Windows 11 hosts
- Contribs:
- Update of fluidlite, fixing some MIDI rendering on Windows
- Update of zlib to 1.2.13 (CVE-2022-37434)
- Update of FFmpeg, vpx (CVE-2023-5217), ebml, dav1d, libass
- Misc:
- Improve muxing timestamps in a few formats (reset to 0)
- Fix some rendering issues on Linux with the fullscreen controller
- Fix GOOM visualization
- Fixes for Youtube playback
- Fix some MPRIS inconsistencies that broke some OS widgets on Linux
- Implement MPRIS TrackList signals
- Fix opening files in read-only mode
- Fix password search using the Kwallet backend
- Fix some crashes on macOS when switching application
- Fix 5.1/7.1 output on macOS and tvOS
- Fix several crashes and bugs in the macOS preferences panel
- Improvements on the threading of the MMDevice audio output on Windows
- Fix a potential security issue on the uninstaller DLLs
- Fix memory leaks when using the media_list_player libVLC APIs
- Translations:
- Update of most translations
- New translations to Esperanto, Interlingue, Lao, Macedonian, Burmese, Odia, Samoan and Swahili
- ID
- openSUSE-SU-2023:0365-1
- Severity
- moderate
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4PHTZYGRNV6PDZMHUALPCK2YD6IRL3XD/
- Published
-
2023-11-12T13:00:59
(10 months ago) - Modified
-
2023-11-12T13:00:59
(10 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2022-1650
- ALAS2-2022-1849
- ALAS2-2023-2074
- ALPINE:CVE-2022-37434
- ALPINE:CVE-2023-5217
- ALSA-2022:7106
- ALSA-2022:7314
- ALSA-2022:7793
- ALSA-2022:8291
- ALSA-2023:5434
- ALSA-2023:5435
- ALSA-2023:5537
- ALSA-2023:5539
- CISA-2023:1002
- DSA-5218-1
- DSA-5508-1
- DSA-5509-1
- DSA-5510-1
- DSA-5513-1
- ELSA-2022-7106
- ELSA-2022-7314
- ELSA-2022-7793
- ELSA-2022-8291
- ELSA-2022-9987
- ELSA-2022-9988
- ELSA-2023-1095
- ELSA-2023-5428
- ELSA-2023-5433
- ELSA-2023-5434
- ELSA-2023-5435
- ELSA-2023-5475
- ELSA-2023-5477
- ELSA-2023-5537
- ELSA-2023-5539
- FEDORA-2022-0b517a5397
- FEDORA-2022-15da0cf165
- FEDORA-2022-25e4dbedf9
- FEDORA-2022-3c28ae0cd8
- FEDORA-2022-b8232d1cca
- FEDORA-2023-0cd03c3746
- FEDORA-2023-10ff82e497
- FEDORA-2023-bbb8d72c6f
- FEDORA-2023-c890266d3f
- FEDORA-2023-c896cf87db
- FEDORA-2023-d66a01ad4f
- FEDORA-2023-f696934fbf
- FREEBSD:2BCD6BA4-D8E2-42E5-9033-B50B722821FB
- FREEBSD:6D9C6AAE-5EB1-11EE-8290-A8A1599412C6
- FREEBSD:A1323A76-28F1-11ED-A72A-002590C1F29C
- FREEBSD:F504A8D2-E105-11ED-85F6-84A93843EB75
- GLSA-202210-42
- GLSA-202310-04
- GLSA-202401-34
- MFSA-2023-44
- MS:CVE-2022-37434
- MS:CVE-2023-5217
- NPM:GHSA-QQVQ-6XGJ-JW8G
- openSUSE-SU-2022:2947-1
- openSUSE-SU-2023:0277-1
- openSUSE-SU-2023:0297-1
- openSUSE-SU-2023:0298-1
- openSUSE-SU-2023:0366-1
- RHSA-2022:7106
- RHSA-2022:7314
- RHSA-2022:7793
- RHSA-2022:8291
- RHSA-2023:1095
- RHSA-2023:5428
- RHSA-2023:5433
- RHSA-2023:5434
- RHSA-2023:5435
- RHSA-2023:5475
- RHSA-2023:5477
- RHSA-2023:5537
- RHSA-2023:5539
- RLSA-2022:7106
- RLSA-2022:7793
- RLSA-2022:8291
- RLSA-2023:5428
- RLSA-2023:5435
- SSA:2022-288-01
- SSA:2023-271-01
- SSA:2023-273-01
- SSA:2023-273-02
- SUSE-SU-2022:2845-1
- SUSE-SU-2022:2846-1
- SUSE-SU-2022:2847-1
- SUSE-SU-2022:2947-1
- SUSE-SU-2023:3940-1
- SUSE-SU-2023:3941-1
- SUSE-SU-2023:3946-1
- SUSE-SU-2023:3948-1
- SUSE-SU-2023:3949-1
- SUSE-SU-2023:3950-1
- SUSE-SU-2023:4016-1
- USN-5570-1
- USN-5570-2
- USN-5573-1
- USN-6403-1
- USN-6403-2
- USN-6403-3
- USN-6404-1
- USN-6405-1
- USN-6736-1
- USN-6736-2
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2023_0365-1.json | |
Suse | URL for openSUSE-SU-2023:0365-1 | https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4PHTZYGRNV6PDZMHUALPCK2YD6IRL3XD/ | |
Suse | E-Mail link for openSUSE-SU-2023:0365-1 | https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4PHTZYGRNV6PDZMHUALPCK2YD6IRL3XD/ | |
CVE | SUSE CVE CVE-2022-37434 page | https://www.suse.com/security/cve/CVE-2022-37434/ | |
CVE | SUSE CVE CVE-2023-5217 page | https://www.suse.com/security/cve/CVE-2023-5217/ |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/opensuse/vlc?arch=x86_64&distro=opensuse-leap-15.4 | opensuse | vlc | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc | < 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse | vlc | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc | < 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc?arch=aarch64&distro=opensuse-leap-15.4 | opensuse | vlc | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc | < 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc-vdpau?arch=x86_64&distro=opensuse-leap-15.4 | opensuse | vlc-vdpau | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc-vdpau?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-vdpau | < 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc-vdpau?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse | vlc-vdpau | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc-vdpau?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-vdpau | < 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc-vdpau?arch=aarch64&distro=opensuse-leap-15.4 | opensuse | vlc-vdpau | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc-vdpau?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-vdpau | < 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc-qt?arch=x86_64&distro=opensuse-leap-15.4 | opensuse | vlc-qt | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc-qt?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-qt | < 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc-qt?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse | vlc-qt | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc-qt?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-qt | < 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc-qt?arch=aarch64&distro=opensuse-leap-15.4 | opensuse | vlc-qt | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc-qt?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-qt | < 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc-opencv?arch=x86_64&distro=opensuse-leap-15.4 | opensuse | vlc-opencv | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc-opencv?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-opencv | < 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc-opencv?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse | vlc-opencv | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc-opencv?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-opencv | < 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc-opencv?arch=aarch64&distro=opensuse-leap-15.4 | opensuse | vlc-opencv | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc-opencv?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-opencv | < 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc-noX?arch=x86_64&distro=opensuse-leap-15.4 | opensuse | vlc-noX | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc-noX?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-noX | < 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc-noX?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse | vlc-noX | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc-noX?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-noX | < 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc-noX?arch=aarch64&distro=opensuse-leap-15.4 | opensuse | vlc-noX | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc-noX?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-noX | < 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc-lang?arch=noarch&distro=opensuse-leap-15.4 | opensuse | vlc-lang | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | noarch | |
Affected | pkg:rpm/opensuse/vlc-lang?arch=noarch&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-lang | < 3.0.20-bp154.2.6.1 | opensuse-15 | noarch | |
Affected | pkg:rpm/opensuse/vlc-jack?arch=x86_64&distro=opensuse-leap-15.4 | opensuse | vlc-jack | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc-jack?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-jack | < 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc-jack?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse | vlc-jack | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc-jack?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-jack | < 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc-jack?arch=aarch64&distro=opensuse-leap-15.4 | opensuse | vlc-jack | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc-jack?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-jack | < 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc-devel?arch=x86_64&distro=opensuse-leap-15.4 | opensuse | vlc-devel | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc-devel?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-devel | < 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc-devel?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse | vlc-devel | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc-devel?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-devel | < 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc-devel?arch=aarch64&distro=opensuse-leap-15.4 | opensuse | vlc-devel | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc-devel?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-devel | < 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc-codec-gstreamer?arch=x86_64&distro=opensuse-leap-15.4 | opensuse | vlc-codec-gstreamer | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc-codec-gstreamer?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-codec-gstreamer | < 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
Affected | pkg:rpm/opensuse/vlc-codec-gstreamer?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse | vlc-codec-gstreamer | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc-codec-gstreamer?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-codec-gstreamer | < 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
Affected | pkg:rpm/opensuse/vlc-codec-gstreamer?arch=aarch64&distro=opensuse-leap-15.4 | opensuse | vlc-codec-gstreamer | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
Affected | pkg:rpm/opensuse/vlc-codec-gstreamer?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse | vlc-codec-gstreamer | < 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
Affected | pkg:rpm/opensuse/libvlccore9?arch=x86_64&distro=opensuse-leap-15.4 | opensuse | libvlccore9 | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
Affected | pkg:rpm/opensuse/libvlccore9?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse | libvlccore9 | < 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
Affected | pkg:rpm/opensuse/libvlccore9?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse | libvlccore9 | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
Affected | pkg:rpm/opensuse/libvlccore9?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse | libvlccore9 | < 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
Affected | pkg:rpm/opensuse/libvlccore9?arch=aarch64&distro=opensuse-leap-15.4 | opensuse | libvlccore9 | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
Affected | pkg:rpm/opensuse/libvlccore9?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse | libvlccore9 | < 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 | |
Affected | pkg:rpm/opensuse/libvlc5?arch=x86_64&distro=opensuse-leap-15.4 | opensuse | libvlc5 | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | x86_64 | |
Affected | pkg:rpm/opensuse/libvlc5?arch=x86_64&distro=opensuse-15&repo=suse-package-hub | opensuse | libvlc5 | < 3.0.20-bp154.2.6.1 | opensuse-15 | x86_64 | |
Affected | pkg:rpm/opensuse/libvlc5?arch=ppc64le&distro=opensuse-leap-15.4 | opensuse | libvlc5 | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | ppc64le | |
Affected | pkg:rpm/opensuse/libvlc5?arch=ppc64le&distro=opensuse-15&repo=suse-package-hub | opensuse | libvlc5 | < 3.0.20-bp154.2.6.1 | opensuse-15 | ppc64le | |
Affected | pkg:rpm/opensuse/libvlc5?arch=aarch64&distro=opensuse-leap-15.4 | opensuse | libvlc5 | < 3.0.20-bp154.2.6.1 | opensuse-leap-15.4 | aarch64 | |
Affected | pkg:rpm/opensuse/libvlc5?arch=aarch64&distro=opensuse-15&repo=suse-package-hub | opensuse | libvlc5 | < 3.0.20-bp154.2.6.1 | opensuse-15 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |