Security update for ffmpeg-4 (moderate)

An update that fixes 5 vulnerabilities is now available.

Description:

This update for ffmpeg-4 fixes the following issues:

ffmpeg-4 was updated to version 4.0.5, fixes boo#1133153

• CVE-2019-11339: The studio profile decoder in libavcodec/mpeg4videodec.c
  in FFmpeg 4.0 allowed remote attackers to cause a denial of service
  (out-of-array access) or possibly have unspecified. (bsc#1133153)
• For other changes see /usr/share/doc/packages/libavcodec58/Changelog

Update to version 4.2.1:

• Stable bug fix release, mainly codecs and format fixes.

• CVE-2019-15942: Conditional jump or move depends on uninitialised value"
  issue in h2645_parse (boo#1149839)

Update to FFmpeg 4.2 “Ada”

• tpad filter
• AV1 decoding support through libdav1d
• dedot filter
• chromashift and rgbashift filters
• freezedetect filter
• truehd_core bitstream filter
• dhav demuxer
• PCM-DVD encoder
• GIF parser
• vividas demuxer
• hymt decoder
• anlmdn filter
• maskfun filter
• hcom demuxer and decoder
• ARBC decoder
• libaribb24 based ARIB STD-B24 caption support (profiles A and C)
• Support decoding of HEVC 4:4:4 content in nvdec and cuviddec
• removed libndi-newtek
• agm decoder
• KUX demuxer
• AV1 frame split bitstream filter
• lscr decoder
• lagfun filter
• asoftclip filter
• Support decoding of HEVC 4:4:4 content in vdpau
• colorhold filter
• xmedian filter
• asr filter
• showspatial multimedia filter
• VP4 video decoder
• IFV demuxer
• derain filter
• deesser filter
• mov muxer writes tracks with unspecified language instead of English by
  default
• added support for using clang to compile CUDA kernels

• See /usr/share/doc/packages/ffmpeg-4/Changelog for the complete
  changelog.

Update to version 4.1.4

• See /usr/share/doc/packages/ffmpeg-4/Changelog for the complete
  changelog.

• Enable runtime enabling for fdkaac via --enable-libfdk-aac-dlopen

Update to version 4.1.3:

• Updates and bug fixes for codecs, filters and formats. [boo#1133153,
  boo#1133155, CVE-2019-11338, CVE-2019-11339]

Update to version 4.1.2:

• Updates and bug fixes for codecs, filters and formats.

Update to version 4.1.1:

• Various filter and codec fixes and enhancements.
• configure: Add missing xlib dependency for VAAPI X11 code.
• For complete changelog, see /usr/share/doc/packages/ffmpeg-4/Changelog
• enable AV1 support on x86_64

Update ffmpeg to 4.1:

• Lots of filter updates as usual: deblock, tmix, aplify, fftdnoiz,
  aderivative, aintegral, pal75bars, pal100bars, adeclick, adeclip,
  lensfun (wrapper), colorconstancy, 1D LUT filter (lut1d), cue, acue,
  transpose_npp, amultiply, Block-Matching 3d (bm3d) denoising filter,
  acrossover filter, audio denoiser as afftdn filter, sinc audio filter
  source, chromahold, setparams, vibrance, xstack, (a)graphmonitor filter
  yadif_cuda filter.
• AV1 parser
• Support for AV1 in MP4
• PCM VIDC decoder and encoder
• libtensorflow backend for DNN based filters like srcnn
• – The following only enabled in third-party builds:
• ATRAC9 decoder
• AVS2 video decoder via libdavs2
• IMM4 video decoder
• Brooktree ProSumer video decoder
• MatchWare Screen Capture Codec decoder
• WinCam Motion Video decoder
• RemotelyAnywhere Screen Capture decoder
• AVS2 video encoder via libxavs2
• ILBC decoder
• SER demuxer
• Decoding S12M timecode in H264
• For complete changelog, see
  https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.1

Update ffmpeg to 4.0.3:

• For complete changelog, see
  https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.0.3

• CVE-2018-13305: Added a missing check for negative values of mqaunt
  variable (boo#1100345).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

• openSUSE Leap 15.1:

  zypper in -t patch openSUSE-2020-24=1

• openSUSE Backports SLE-15-SP1:

  zypper in -t patch openSUSE-2020-24=1

• openSUSE Backports SLE-15:

  zypper in -t patch openSUSE-2020-24=1

• SUSE Package Hub for SUSE Linux Enterprise 12:

  zypper in -t patch openSUSE-2020-24=1