openSUSE-SU-2026:20710-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2026:20710-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/openSUSE-SU-2026:20710-1
- Upstream
- Related
- Published
- 2026-05-09T08:50:33Z
- Modified
- 2026-05-11T18:29:35.532053Z
- Summary
- Security update for ffmpeg-4
- Details
-
This update for ffmpeg-4 fixes the following issues:
Changes in ffmpeg-4:
- CVE-2025-59728: Fixed out-of-bounds NUL-byte write when calculating the content path in handling of MPEG-DASH manifests (bsc#1251137).
- CVE-2025-7700: Fixed a NULL Pointer Dereference in the ALS Decoder (bsc#1246790)
- CVE-2024-36618: Fixed a integer overflow in AVI demuxer (bsc#1234020)
CVE-2023-6601: Fixed HLS Unsafe File Extension Bypass (bsc#1220545).
Update to release 4.4.6
- lavc/libx265: unbreak build for X265_BUILD >= 210
- ARM: vp9mc: Load only 12 pixels in the 4 pixel wide horizontal filter
- rtmpproto: Avoid rare crashes in the
fail:codepath in rtmp_open - avcodec/snow: Fix off by 1 error in run_buffer
- avcodec/mpegvideo_enc: Check FLV1 resolution limits
- References
-
- https://bugzilla.suse.com/1198898
- https://bugzilla.suse.com/1220545
- https://bugzilla.suse.com/1223304
- https://bugzilla.suse.com/1226308
- https://bugzilla.suse.com/1226892
- https://bugzilla.suse.com/1226897
- https://bugzilla.suse.com/1226898
- https://bugzilla.suse.com/1226899
- https://bugzilla.suse.com/1226900
- https://bugzilla.suse.com/1226901
- https://bugzilla.suse.com/1230983
- https://bugzilla.suse.com/1234018
- https://bugzilla.suse.com/1234019
- https://bugzilla.suse.com/1234020
- https://bugzilla.suse.com/1246790
- https://bugzilla.suse.com/1251137
- https://www.suse.com/security/cve/CVE-2022-1475
- https://www.suse.com/security/cve/CVE-2023-22656
- https://www.suse.com/security/cve/CVE-2023-45221
- https://www.suse.com/security/cve/CVE-2023-47169
- https://www.suse.com/security/cve/CVE-2023-47282
- https://www.suse.com/security/cve/CVE-2023-48368
- https://www.suse.com/security/cve/CVE-2023-49502
- https://www.suse.com/security/cve/CVE-2023-50010
- https://www.suse.com/security/cve/CVE-2023-51798
- https://www.suse.com/security/cve/CVE-2023-6601
- https://www.suse.com/security/cve/CVE-2024-36616
- https://www.suse.com/security/cve/CVE-2024-36617
- https://www.suse.com/security/cve/CVE-2024-36618
- https://www.suse.com/security/cve/CVE-2025-0518
- https://www.suse.com/security/cve/CVE-2025-22919
- https://www.suse.com/security/cve/CVE-2025-59728
- https://www.suse.com/security/cve/CVE-2025-7700