{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for vlc","title":"Title of the patch"},{"category":"description","text":"This update for vlc to version 3.0.7.1 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-5439: Fixed a buffer overflow (bsc#1138354).\n- CVE-2019-5459: Fixed an integer underflow (bsc#1143549).\n- CVE-2019-5460: Fixed a double free (bsc#1143547).\n- CVE-2019-12874: Fixed a double free in zlib_decompress_extra in modules/demux/mkv/util.cpp (bsc#1138933).\n- CVE-2019-13602: Fixed an integer underflow in mp4 demuxer (boo#1141522).\n- CVE-2019-13962: Fixed a heap-based buffer over-read in avcodec (boo#1142161).\n\nNon-security issues fixed:\n\n- Video Output:\n  * Fix hardware acceleration with some AMD drivers\n  * Improve direct3d11 HDR support\n- Access:\n  * Improve Blu-ray support\n- Audio output:\n  * Fix pass-through on Android-23\n  * Fix DirectSound drain\n- Demux: Improve MP4 support\n- Video Output:\n  * Fix 12 bits sources playback with Direct3D11\n  * Fix crash on iOS\n  * Fix midstream aspect-ratio changes when Windows hardware decoding is on\n  * Fix HLG display with Direct3D11\n- Stream Output: Improve Chromecast support with new ChromeCast apps\n- Misc:\n  * Update Youtube, Dailymotion, Vimeo, Soundcloud scripts\n  * Work around busy looping when playing an invalid item with loop enabled\n- Updated translations.\n\nNew package libaom:\n  * Initial version 1.0.0\n  * A library for AOMedia Video 1 (AV1), an open, royalty-free video coding format\n    designed for video transmissions over the Internet.\n\n\nThis update was imported from the openSUSE:Leap:15.0:Update update project.","title":"Description of the patch"},{"category":"details","text":"openSUSE-2019-2015","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2015-1.json"},{"category":"self","summary":"URL for openSUSE-SU-2019:2015-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RNBI5GJAXU5KVZYP22ZO47MDJGB63ZQK/#RNBI5GJAXU5KVZYP22ZO47MDJGB63ZQK"},{"category":"self","summary":"E-Mail link for openSUSE-SU-2019:2015-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RNBI5GJAXU5KVZYP22ZO47MDJGB63ZQK/#RNBI5GJAXU5KVZYP22ZO47MDJGB63ZQK"},{"category":"self","summary":"SUSE Bug 1093732","url":"https://bugzilla.suse.com/1093732"},{"category":"self","summary":"SUSE Bug 1094893","url":"https://bugzilla.suse.com/1094893"},{"category":"self","summary":"SUSE Bug 1118586","url":"https://bugzilla.suse.com/1118586"},{"category":"self","summary":"SUSE Bug 1133290","url":"https://bugzilla.suse.com/1133290"},{"category":"self","summary":"SUSE Bug 1138354","url":"https://bugzilla.suse.com/1138354"},{"category":"self","summary":"SUSE Bug 1138933","url":"https://bugzilla.suse.com/1138933"},{"category":"self","summary":"SUSE Bug 1141522","url":"https://bugzilla.suse.com/1141522"},{"category":"self","summary":"SUSE Bug 1142161","url":"https://bugzilla.suse.com/1142161"},{"category":"self","summary":"SUSE Bug 1143547","url":"https://bugzilla.suse.com/1143547"},{"category":"self","summary":"SUSE Bug 1143549","url":"https://bugzilla.suse.com/1143549"},{"category":"self","summary":"SUSE CVE CVE-2018-19857 page","url":"https://www.suse.com/security/cve/CVE-2018-19857/"},{"category":"self","summary":"SUSE CVE CVE-2019-12874 page","url":"https://www.suse.com/security/cve/CVE-2019-12874/"},{"category":"self","summary":"SUSE CVE CVE-2019-13602 page","url":"https://www.suse.com/security/cve/CVE-2019-13602/"},{"category":"self","summary":"SUSE CVE CVE-2019-13962 page","url":"https://www.suse.com/security/cve/CVE-2019-13962/"},{"category":"self","summary":"SUSE CVE CVE-2019-5439 page","url":"https://www.suse.com/security/cve/CVE-2019-5439/"},{"category":"self","summary":"SUSE CVE CVE-2019-5459 page","url":"https://www.suse.com/security/cve/CVE-2019-5459/"},{"category":"self","summary":"SUSE CVE CVE-2019-5460 page","url":"https://www.suse.com/security/cve/CVE-2019-5460/"}],"title":"Security update for vlc","tracking":{"current_release_date":"2019-08-26T14:22:46Z","generator":{"date":"2019-08-26T14:22:46Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"openSUSE-SU-2019:2015-1","initial_release_date":"2019-08-26T14:22:46Z","revision_history":[{"date":"2019-08-26T14:22:46Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"aom-tools-1.0.0-bp150.2.1.aarch64","product":{"name":"aom-tools-1.0.0-bp150.2.1.aarch64","product_id":"aom-tools-1.0.0-bp150.2.1.aarch64"}},{"category":"product_version","name":"libaom-devel-1.0.0-bp150.2.1.aarch64","product":{"name":"libaom-devel-1.0.0-bp150.2.1.aarch64","product_id":"libaom-devel-1.0.0-bp150.2.1.aarch64"}},{"category":"product_version","name":"libaom0-1.0.0-bp150.2.1.aarch64","product":{"name":"libaom0-1.0.0-bp150.2.1.aarch64","product_id":"libaom0-1.0.0-bp150.2.1.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","product":{"name":"libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","product_id":"libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32"}}],"category":"architecture","name":"aarch64_ilp32"},{"branches":[{"category":"product_version","name":"libaom-devel-doc-1.0.0-bp150.2.1.noarch","product":{"name":"libaom-devel-doc-1.0.0-bp150.2.1.noarch","product_id":"libaom-devel-doc-1.0.0-bp150.2.1.noarch"}},{"category":"product_version","name":"vlc-lang-3.0.7.1-bp150.2.6.1.noarch","product":{"name":"vlc-lang-3.0.7.1-bp150.2.6.1.noarch","product_id":"vlc-lang-3.0.7.1-bp150.2.6.1.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"aom-tools-1.0.0-bp150.2.1.ppc64le","product":{"name":"aom-tools-1.0.0-bp150.2.1.ppc64le","product_id":"aom-tools-1.0.0-bp150.2.1.ppc64le"}},{"category":"product_version","name":"libaom-devel-1.0.0-bp150.2.1.ppc64le","product":{"name":"libaom-devel-1.0.0-bp150.2.1.ppc64le","product_id":"libaom-devel-1.0.0-bp150.2.1.ppc64le"}},{"category":"product_version","name":"libaom0-1.0.0-bp150.2.1.ppc64le","product":{"name":"libaom0-1.0.0-bp150.2.1.ppc64le","product_id":"libaom0-1.0.0-bp150.2.1.ppc64le"}}],"category":"architecture","name":"ppc64le"},{"branches":[{"category":"product_version","name":"aom-tools-1.0.0-bp150.2.1.s390x","product":{"name":"aom-tools-1.0.0-bp150.2.1.s390x","product_id":"aom-tools-1.0.0-bp150.2.1.s390x"}},{"category":"product_version","name":"libaom-devel-1.0.0-bp150.2.1.s390x","product":{"name":"libaom-devel-1.0.0-bp150.2.1.s390x","product_id":"libaom-devel-1.0.0-bp150.2.1.s390x"}},{"category":"product_version","name":"libaom0-1.0.0-bp150.2.1.s390x","product":{"name":"libaom0-1.0.0-bp150.2.1.s390x","product_id":"libaom0-1.0.0-bp150.2.1.s390x"}}],"category":"architecture","name":"s390x"},{"branches":[{"category":"product_version","name":"aom-tools-1.0.0-bp150.2.1.x86_64","product":{"name":"aom-tools-1.0.0-bp150.2.1.x86_64","product_id":"aom-tools-1.0.0-bp150.2.1.x86_64"}},{"category":"product_version","name":"libaom-devel-1.0.0-bp150.2.1.x86_64","product":{"name":"libaom-devel-1.0.0-bp150.2.1.x86_64","product_id":"libaom-devel-1.0.0-bp150.2.1.x86_64"}},{"category":"product_version","name":"libaom0-1.0.0-bp150.2.1.x86_64","product":{"name":"libaom0-1.0.0-bp150.2.1.x86_64","product_id":"libaom0-1.0.0-bp150.2.1.x86_64"}},{"category":"product_version","name":"libvlc5-3.0.7.1-bp150.2.6.1.x86_64","product":{"name":"libvlc5-3.0.7.1-bp150.2.6.1.x86_64","product_id":"libvlc5-3.0.7.1-bp150.2.6.1.x86_64"}},{"category":"product_version","name":"libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","product":{"name":"libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","product_id":"libvlccore9-3.0.7.1-bp150.2.6.1.x86_64"}},{"category":"product_version","name":"vlc-3.0.7.1-bp150.2.6.1.x86_64","product":{"name":"vlc-3.0.7.1-bp150.2.6.1.x86_64","product_id":"vlc-3.0.7.1-bp150.2.6.1.x86_64"}},{"category":"product_version","name":"vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","product":{"name":"vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","product_id":"vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64"}},{"category":"product_version","name":"vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","product":{"name":"vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","product_id":"vlc-devel-3.0.7.1-bp150.2.6.1.x86_64"}},{"category":"product_version","name":"vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","product":{"name":"vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","product_id":"vlc-jack-3.0.7.1-bp150.2.6.1.x86_64"}},{"category":"product_version","name":"vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","product":{"name":"vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","product_id":"vlc-noX-3.0.7.1-bp150.2.6.1.x86_64"}},{"category":"product_version","name":"vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","product":{"name":"vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","product_id":"vlc-qt-3.0.7.1-bp150.2.6.1.x86_64"}},{"category":"product_version","name":"vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64","product":{"name":"vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64","product_id":"vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Package Hub 15","product":{"name":"SUSE Package Hub 15","product_id":"SUSE Package Hub 15"}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"aom-tools-1.0.0-bp150.2.1.aarch64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64"},"product_reference":"aom-tools-1.0.0-bp150.2.1.aarch64","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"aom-tools-1.0.0-bp150.2.1.ppc64le as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le"},"product_reference":"aom-tools-1.0.0-bp150.2.1.ppc64le","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"aom-tools-1.0.0-bp150.2.1.s390x as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x"},"product_reference":"aom-tools-1.0.0-bp150.2.1.s390x","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"aom-tools-1.0.0-bp150.2.1.x86_64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64"},"product_reference":"aom-tools-1.0.0-bp150.2.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"libaom-devel-1.0.0-bp150.2.1.aarch64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64"},"product_reference":"libaom-devel-1.0.0-bp150.2.1.aarch64","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"libaom-devel-1.0.0-bp150.2.1.ppc64le as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le"},"product_reference":"libaom-devel-1.0.0-bp150.2.1.ppc64le","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"libaom-devel-1.0.0-bp150.2.1.s390x as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x"},"product_reference":"libaom-devel-1.0.0-bp150.2.1.s390x","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"libaom-devel-1.0.0-bp150.2.1.x86_64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64"},"product_reference":"libaom-devel-1.0.0-bp150.2.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"libaom-devel-doc-1.0.0-bp150.2.1.noarch as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch"},"product_reference":"libaom-devel-doc-1.0.0-bp150.2.1.noarch","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"libaom0-1.0.0-bp150.2.1.aarch64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64"},"product_reference":"libaom0-1.0.0-bp150.2.1.aarch64","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"libaom0-1.0.0-bp150.2.1.ppc64le as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le"},"product_reference":"libaom0-1.0.0-bp150.2.1.ppc64le","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"libaom0-1.0.0-bp150.2.1.s390x as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x"},"product_reference":"libaom0-1.0.0-bp150.2.1.s390x","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"libaom0-1.0.0-bp150.2.1.x86_64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64"},"product_reference":"libaom0-1.0.0-bp150.2.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32"},"product_reference":"libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"libvlc5-3.0.7.1-bp150.2.6.1.x86_64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64"},"product_reference":"libvlc5-3.0.7.1-bp150.2.6.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"libvlccore9-3.0.7.1-bp150.2.6.1.x86_64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64"},"product_reference":"libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"vlc-3.0.7.1-bp150.2.6.1.x86_64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64"},"product_reference":"vlc-3.0.7.1-bp150.2.6.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64"},"product_reference":"vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"vlc-devel-3.0.7.1-bp150.2.6.1.x86_64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64"},"product_reference":"vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"vlc-jack-3.0.7.1-bp150.2.6.1.x86_64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64"},"product_reference":"vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"vlc-lang-3.0.7.1-bp150.2.6.1.noarch as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch"},"product_reference":"vlc-lang-3.0.7.1-bp150.2.6.1.noarch","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"vlc-noX-3.0.7.1-bp150.2.6.1.x86_64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64"},"product_reference":"vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"vlc-qt-3.0.7.1-bp150.2.6.1.x86_64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64"},"product_reference":"vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15"},{"category":"default_component_of","full_product_name":{"name":"vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64 as component of SUSE Package Hub 15","product_id":"SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"},"product_reference":"vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15"}]},"vulnerabilities":[{"cve":"CVE-2018-19857","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-19857"}],"notes":[{"category":"general","text":"The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could result in a denial of service and/or a potential infoleak.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-19857","url":"https://www.suse.com/security/cve/CVE-2018-19857"},{"category":"external","summary":"SUSE Bug 1118586 for CVE-2018-19857","url":"https://bugzilla.suse.com/1118586"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":9.1,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","version":"3.0"},"products":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-08-26T14:22:46Z","details":"moderate"}],"title":"CVE-2018-19857"},{"cve":"CVE-2019-12874","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-12874"}],"notes":[{"category":"general","text":"An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-12874","url":"https://www.suse.com/security/cve/CVE-2019-12874"},{"category":"external","summary":"SUSE Bug 1138933 for CVE-2019-12874","url":"https://bugzilla.suse.com/1138933"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":9.8,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-08-26T14:22:46Z","details":"important"}],"title":"CVE-2019-12874"},{"cve":"CVE-2019-13602","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13602"}],"notes":[{"category":"general","text":"An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13602","url":"https://www.suse.com/security/cve/CVE-2019-13602"},{"category":"external","summary":"SUSE Bug 1141522 for CVE-2019-13602","url":"https://bugzilla.suse.com/1141522"},{"category":"external","summary":"SUSE Bug 1146428 for CVE-2019-13602","url":"https://bugzilla.suse.com/1146428"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-08-26T14:22:46Z","details":"important"}],"title":"CVE-2019-13602"},{"cve":"CVE-2019-13962","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13962"}],"notes":[{"category":"general","text":"lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13962","url":"https://www.suse.com/security/cve/CVE-2019-13962"},{"category":"external","summary":"SUSE Bug 1142161 for CVE-2019-13962","url":"https://bugzilla.suse.com/1142161"},{"category":"external","summary":"SUSE Bug 1146428 for CVE-2019-13962","url":"https://bugzilla.suse.com/1146428"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":9.8,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-08-26T14:22:46Z","details":"critical"}],"title":"CVE-2019-13962"},{"cve":"CVE-2019-5439","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-5439"}],"notes":[{"category":"general","text":"A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-5439","url":"https://www.suse.com/security/cve/CVE-2019-5439"},{"category":"external","summary":"SUSE Bug 1138354 for CVE-2019-5439","url":"https://bugzilla.suse.com/1138354"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-08-26T14:22:46Z","details":"moderate"}],"title":"CVE-2019-5439"},{"cve":"CVE-2019-5459","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-5459"}],"notes":[{"category":"general","text":"An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-5459","url":"https://www.suse.com/security/cve/CVE-2019-5459"},{"category":"external","summary":"SUSE Bug 1143549 for CVE-2019-5459","url":"https://bugzilla.suse.com/1143549"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.1,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H","version":"3.1"},"products":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-08-26T14:22:46Z","details":"moderate"}],"title":"CVE-2019-5459"},{"cve":"CVE-2019-5460","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-5460"}],"notes":[{"category":"general","text":"Double Free in VLC versions <= 3.0.6 leads to a crash.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-5460","url":"https://www.suse.com/security/cve/CVE-2019-5460"},{"category":"external","summary":"SUSE Bug 1143547 for CVE-2019-5460","url":"https://bugzilla.suse.com/1143547"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:aom-tools-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom-devel-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom-devel-doc-1.0.0-bp150.2.1.noarch","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.aarch64","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.ppc64le","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.s390x","SUSE Package Hub 15:libaom0-1.0.0-bp150.2.1.x86_64","SUSE Package Hub 15:libaom0-64bit-1.0.0-bp150.2.1.aarch64_ilp32","SUSE Package Hub 15:libvlc5-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:libvlccore9-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-codec-gstreamer-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-devel-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-jack-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-lang-3.0.7.1-bp150.2.6.1.noarch","SUSE Package Hub 15:vlc-noX-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-qt-3.0.7.1-bp150.2.6.1.x86_64","SUSE Package Hub 15:vlc-vdpau-3.0.7.1-bp150.2.6.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-08-26T14:22:46Z","details":"moderate"}],"title":"CVE-2019-5460"}]}