{"affected":[{"ecosystem_specific":{"binaries":[{"libvlc5":"3.0.18-bp153.2.6.1","libvlccore9":"3.0.18-bp153.2.6.1","vlc":"3.0.18-bp153.2.6.1","vlc-codec-gstreamer":"3.0.18-bp153.2.6.1","vlc-devel":"3.0.18-bp153.2.6.1","vlc-jack":"3.0.18-bp153.2.6.1","vlc-lang":"3.0.18-bp153.2.6.1","vlc-noX":"3.0.18-bp153.2.6.1","vlc-opencv":"3.0.18-bp153.2.6.1","vlc-qt":"3.0.18-bp153.2.6.1","vlc-vdpau":"3.0.18-bp153.2.6.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP3","name":"vlc","purl":"pkg:rpm/suse/vlc&distro=SUSE%20Package%20Hub%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.0.18-bp153.2.6.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libvlc5":"3.0.18-bp153.2.6.1","libvlccore9":"3.0.18-bp153.2.6.1","vlc":"3.0.18-bp153.2.6.1","vlc-codec-gstreamer":"3.0.18-bp153.2.6.1","vlc-devel":"3.0.18-bp153.2.6.1","vlc-jack":"3.0.18-bp153.2.6.1","vlc-lang":"3.0.18-bp153.2.6.1","vlc-noX":"3.0.18-bp153.2.6.1","vlc-opencv":"3.0.18-bp153.2.6.1","vlc-qt":"3.0.18-bp153.2.6.1","vlc-vdpau":"3.0.18-bp153.2.6.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.3","name":"vlc","purl":"pkg:rpm/opensuse/vlc&distro=openSUSE%20Leap%2015.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.0.18-bp153.2.6.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for vlc fixes the following issues:\n\n- Update to version 3.0.18 (CVE-2022-41325, boo#1206142):\n  + macOS: Fix audio device listing with non-latin names.\n  + Misc: Fix rendering and performance issue with older GPUs.\n  + Updated translations.\n- Changes from version 3.0.18-rc2:\n  + Codec/Demux:\n    - Add support for Y16 chroma.\n    - Fix build of gme plugin.\n  + Lua:\n    - Fix script for vocaroo.\n    - Fix script for youtube to allow throttled playback.\n  + Service Discovery: Fix UPnP regression on Windows.\n  + Video Output: Fix video placement with caopengllayer.\n  + Misc: Fix password search in kwallet module.\n- Changes from version 3.0.18-rc:\n  + Demux:\n    - Major adaptive streaming update, notably for multiple\n      timelies and webvtt.\n    - Fix seeking with some fragmented MP4 files.\n    - Add support for DVBSub inside MKV.\n    - Fix some Flac files that could not be played.\n    - Improve seeking in Ogg files.\n  + Decoders:\n    - Fix DxVA/D3D11 crashes on HEVC files with bogus references.\n    - Fix libass storage size and crash.\n    - Fix decoding errors on macOS hw decoding on some HEVC files.\n  + Video Output:\n    - Fix color regression with VAAPI/iOS and OpenGL output.\n    - Fix some resizing issues with OpenGL on GLX/EGL/X11/XV.\n    - Fix Direct3d9 texture stretching.\n    - Fix 10-bit accelerated video filters on macOS.\n  + Playlist: Avoid playlist liveloop on failed/tiny items\n    (temporize EOS bursts).\n  + Misc:\n    - Misc fixes for the extension UI on macOS.\n    - Improve SMBv1 and SMBv2 behaviours.\n    - Improve FTP compatibility.\n    - Support RISC-V.\n    - Fix AVI muxing for Windows Media Player compatibility.\n    - Fix seeking speed on macOS.\n","id":"openSUSE-SU-2022:10252-1","modified":"2022-12-27T09:00:21Z","published":"2022-12-27T09:00:21Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YI4EVQJJHK52U3OVX236TQ775IVEFDQS/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1200944"},{"type":"REPORT","url":"https://bugzilla.suse.com/1206142"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-0499"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-0561"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-41325"}],"related":["CVE-2020-0499","CVE-2021-0561","CVE-2022-41325"],"summary":"Security update for vlc","upstream":["CVE-2020-0499","CVE-2021-0561","CVE-2022-41325"]}