| Plattformen: |
SUSE Linux Enterprise High Performance Computing 15 SP4, SUSE Linux Enterprise Server 15 SP4, SUSE Linux Enterprise Server for SAP Applications 15 SP4, SUSE openSUSE Leap 15.4, SUSE Linux Enterprise High Performance Computing LTSS 15 SP4, SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4, SUSE Linux Enterprise Server 15 SP4 LTSS |
--===============3000605973549428172==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
# Security update for libva
Announcement ID: SUSE-SU-2025:1452-1
Release Date: 2025-05-05T07:44:00Z
Rating: moderate
References:
* bsc#1202828
* bsc#1217770
* bsc#1224413
* jsc#PED-11066
* jsc#PED-1174
Cross-References:
* CVE-2023-39929
CVSS scores:
* CVE-2023-39929 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
An update that solves one vulnerability, contains two features and has two
security fixes can now be installed.
## Description:
This update for libva fixes the following issues:
Update to libva version 2.20.0, which includes security fix for:
* CVE-2023-39929: Uncontrolled search path may allow an authenticated user to
escalate privilege via local access (bsc#1224413, jsc#PED-11066)
This includes latest version of one of the components needed for Video
(processing) hardware support on Intel GPUs (bsc#1217770)
Update to version 2.20.0:
* av1: Revise offsets comments for av1 encode
* drm:
* Limit the array size to avoid out of range
* Remove no longer used helpers
* jpeg: add support for crop and partial decode
* trace:
* Add trace for vaExportSurfaceHandle
* Unlock mutex before return
* Fix minor issue about printf data type and value range
* va/backend:
* Annotate vafool as deprecated
* Document the vaGetDriver* APIs
* va/x11/va_fglrx: Remove some dead code
* va/x11/va_nvctrl: Remove some dead code
* va:
* Add new VADecodeErrorType to indicate the reset happended in the driver
* Add vendor string on va_TraceInitialize
* Added Q416 fourcc (three-plane 16-bit YUV 4:4:4)
* Drop no longer applicable vaGetDriverNames check
* Fix:don't leak driver names, when override is set
* Fix:set driver number to be zero if vaGetDriverNames failed
* Optimize code of getting driver name for all protocols/os
(wayland,x11,drm,win32,android)
* Remove legacy code paths
* Remove unreachable "DRIVER BUG"
* win32:
* Only print win32 driver messages in DEBUG builds
* Remove duplicate adapter_luid entry
* x11/dri2: limit the array handling to avoid out of range access
* x11:
* Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var
* Implement vaGetDriverNames
* Remove legacy code paths
Update to 2.19.0:
* add: Add mono_chrome to VAEncSequenceParameterBufferAV1
* add: Enable support for license acquisition of multiple protected playbacks
* fix: use secure_getenv instead of getenv
* trace: Improve and add VA trace log for AV1 encode
* trace: Unify va log message, replace va_TracePrint with va_TraceMsg.
Update to version 2.18.0:
* doc: Add build and install libva informatio in home page.
* fix:
* Add libva.def into distribution package
* NULL check before calling strncmp.
* Remove reference to non-existent symbol
* meson: docs:
* Add encoder interface for av1
* Use libva_version over project_version()
* va:
* Add VAProfileH264High10
* Always build with va-messaging API
* Fix the codying style of CHECK_DISPLAY
* Remove Android pre Jelly Bean workarounds
* Remove dummy isValid() hook
* Remove unused drm_sarea.h include & ANDROID references in
va_dricommon.h
* va/sysdeps.h: remove Android section
* x11:
* Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var
* Use LIBVA_DRI3_DISABLE in GetNumCandidates
update to 2.17.0:
* win: Simplify signature for driver name loading
* win: Rewrite driver registry query and fix some bugs/leaks/inefficiencies
* win: Add missing null check after calloc
* va: Update security disclaimer
* dep:remove the file .cvsignore
* pkgconfig: add 'with-legacy' for emgd, nvctrl and fglrx
* meson: add 'with-legacy' for emgd, nvctrl and fglrx
* x11: move all FGLRX code to va_fglrx.c
* x11: move all NVCTRL code to va_nvctrl.c
* meson: stop using deprecated meson.source_root()
* meson: stop using configure_file copy=true
* va: correctly include the win32 (local) headers
* win: clean-up the coding style
* va: dos2unix all the files
* drm: remove unnecessary dri2 version/extension query
* trace: annotate internal functions with DLL_HIDDEN
* build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_ support
level attribute instead
* meson: Check support for -Wl,-version-script and build link_args
accordingly
* meson: Set va_win32 soversion to '' and remove the install_data
rename
* fix: resouce check null
* va_trace: Add Win32 memory types in va_TraceSurfaceAttributes
* va_trace: va_TraceSurfaceAttributes should check the
VASurfaceAttribMemoryType
* va: Adds Win32 Node and Windows build support
* va: Adds compat_win32 abstraction for Windows build and prepares va common
code for windows build
* pkgconfig: Add Win32 package for when WITH_WIN32 is enabled
* meson: Add with_win32 option, makes libdrm non-mandatory on Win
* x11: add basic DRI3 support
* drm: remove VA_DRM_IsRenderNodeFd() helper
* drm: add radeon drm + radeonsi mesa combo
* needed for jira#PED-1174 (Video decoding/encoding support (VA-API, ...) for
Intel GPUs is outside of Mesa)
Update to 2.16.0:
* add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e.
* dep: Update README.md to remove badge links
* dep: Removed waffle-io badge from README to fix broken link
* dep: Drop mailing list, IRC and Slack
* autotools: use wayland-scanner private-code
* autotools: use the wayland-scanner.pc to locate the prog
* meson: use wayland-scanner private-code
* meson: request native wayland-scanner
* meson: use the wayland-scanner.pc to locate the prog
* meson: set HAVE_VA_X11 when applicable
* style:Correct slight coding style in several new commits
* trace: add Linux ftrace mode for va trace
* trace: Add missing pthread_mutex_destroy
* drm: remove no-longer needed X == X mappings
* drm: fallback to drm driver name == va driver name
* drm: simplify the mapping table
* x11: simplify the mapping table
Update to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2 Release
22.4.4
Update to 2.15.0:
* Add: new display HW attribute to report PCI ID
* Add: sample depth related parameters for AV1e
* Add: refresh_frame_flags for AV1e
* Add: missing fields in va_TraceVAEncSequenceParameterBufferHEVC.
* Add: nvidia-drm to the drm driver map
* Add: type and buffer for delta qp per block
* Deprecation: remove the va_fool support
* Fix:Correct the version of meson build on master branch
* Fix:X11 DRI2: check if device is a render node
* Build:Use also strong stack protection if supported
* Trace:print the string for profile/entrypoint/configattrib
Update to 2.14.0:
* add: Add av1 encode interfaces
* add: VA/X11 VAAPI driver mapping for crocus DRI driver
* doc: Add description of the fd management for surface importing
* ci: fix freebsd build
* meson: Copy public headers to build directory to support subproject
* CVE-2023-39929: Fixed an issue where an uncontrolled search path may allow
authenticated users to escalate privilege via local access. (bsc#1224413)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-1452=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1452=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1452=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1452=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1452=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libva-drm2-debuginfo-2.20.0-150400.3.5.1
* libva-devel-2.20.0-150400.3.5.1
* libva-x11-2-2.20.0-150400.3.5.1
* libva2-2.20.0-150400.3.5.1
* libva-gl-devel-2.20.0-150400.3.5.1
* libva-glx2-2.20.0-150400.3.5.1
* libva-x11-2-debuginfo-2.20.0-150400.3.5.1
* libva-gl-debugsource-2.20.0-150400.3.5.1
* libva-glx2-debuginfo-2.20.0-150400.3.5.1
* libva-wayland2-2.20.0-150400.3.5.1
* libva-debugsource-2.20.0-150400.3.5.1
* libva-wayland2-debuginfo-2.20.0-150400.3.5.1
* libva-drm2-2.20.0-150400.3.5.1
* libva2-debuginfo-2.20.0-150400.3.5.1
* openSUSE Leap 15.4 (x86_64)
* libva-glx2-32bit-2.20.0-150400.3.5.1
* libva-drm2-32bit-debuginfo-2.20.0-150400.3.5.1
* libva-wayland2-32bit-debuginfo-2.20.0-150400.3.5.1
* libva-devel-32bit-2.20.0-150400.3.5.1
* libva-x11-2-32bit-2.20.0-150400.3.5.1
* libva2-32bit-2.20.0-150400.3.5.1
* libva-x11-2-32bit-debuginfo-2.20.0-150400.3.5.1
* libva-glx2-32bit-debuginfo-2.20.0-150400.3.5.1
* libva-gl-devel-32bit-2.20.0-150400.3.5.1
* libva2-32bit-debuginfo-2.20.0-150400.3.5.1
* libva-wayland2-32bit-2.20.0-150400.3.5.1
* libva-drm2-32bit-2.20.0-150400.3.5.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libva-glx2-64bit-2.20.0-150400.3.5.1
* libva-drm2-64bit-2.20.0-150400.3.5.1
* libva-glx2-64bit-debuginfo-2.20.0-150400.3.5.1
* libva2-64bit-debuginfo-2.20.0-150400.3.5.1
* libva-gl-devel-64bit-2.20.0-150400.3.5.1
* libva-drm2-64bit-debuginfo-2.20.0-150400.3.5.1
* libva-wayland2-64bit-2.20.0-150400.3.5.1
* libva-x11-2-64bit-2.20.0-150400.3.5.1
* libva-devel-64bit-2.20.0-150400.3.5.1
* libva2-64bit-2.20.0-150400.3.5.1
* libva-x11-2-64bit-debuginfo-2.20.0-150400.3.5.1
* libva-wayland2-64bit-debuginfo-2.20.0-150400.3.5.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libva-drm2-debuginfo-2.20.0-150400.3.5.1
* libva-devel-2.20.0-150400.3.5.1
* libva-x11-2-2.20.0-150400.3.5.1
* libva2-2.20.0-150400.3.5.1
* libva-x11-2-debuginfo-2.20.0-150400.3.5.1
* libva-wayland2-2.20.0-150400.3.5.1
* libva-debugsource-2.20.0-150400.3.5.1
* libva-wayland2-debuginfo-2.20.0-150400.3.5.1
* libva-drm2-2.20.0-150400.3.5.1
* libva2-debuginfo-2.20.0-150400.3.5.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libva-drm2-debuginfo-2.20.0-150400.3.5.1
* libva-devel-2.20.0-150400.3.5.1
* libva-x11-2-2.20.0-150400.3.5.1
* libva2-2.20.0-150400.3.5.1
* libva-x11-2-debuginfo-2.20.0-150400.3.5.1
* libva-wayland2-2.20.0-150400.3.5.1
* libva-debugsource-2.20.0-150400.3.5.1
* libva-wayland2-debuginfo-2.20.0-150400.3.5.1
* libva-drm2-2.20.0-150400.3.5.1
* libva2-debuginfo-2.20.0-150400.3.5.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* libva-drm2-debuginfo-2.20.0-150400.3.5.1
* libva-devel-2.20.0-150400.3.5.1
* libva-x11-2-2.20.0-150400.3.5.1
* libva2-2.20.0-150400.3.5.1
* libva-x11-2-debuginfo-2.20.0-150400.3.5.1
* libva-wayland2-2.20.0-150400.3.5.1
* libva-debugsource-2.20.0-150400.3.5.1
* libva-wayland2-debuginfo-2.20.0-150400.3.5.1
* libva-drm2-2.20.0-150400.3.5.1
* libva2-debuginfo-2.20.0-150400.3.5.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libva-drm2-debuginfo-2.20.0-150400.3.5.1
* libva-devel-2.20.0-150400.3.5.1
* libva-x11-2-2.20.0-150400.3.5.1
* libva2-2.20.0-150400.3.5.1
* libva-x11-2-debuginfo-2.20.0-150400.3.5.1
* libva-wayland2-2.20.0-150400.3.5.1
* libva-debugsource-2.20.0-150400.3.5.1
* libva-wayland2-debuginfo-2.20.0-150400.3.5.1
* libva-drm2-2.20.0-150400.3.5.1
* libva2-debuginfo-2.20.0-150400.3.5.1
## References:
* https://www.suse.com/security/cve/CVE-2023-39929.html
* https://bugzilla.suse.com/show_bug.cgi?id=1202828
* https://bugzilla.suse.com/show_bug.cgi?id=1217770
* https://bugzilla.suse.com/show_bug.cgi?id=1224413
* https://jira.suse.com/browse/PED-11066
* https://jira.suse.com/browse/PED-1174
--===============3000605973549428172==
Content-Type: text/html; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
<div class="container">
<h1>Security update for libva</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2025:1452-1</td>
</tr>
<tr>
<th>Release Date:</th>
<td>2025-05-05T07:44:00Z</td>
</tr>
<tr>
<th>Rating:</th>
<td>moderate</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1202828">bsc#1202828</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217770">bsc#1217770</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1224413">bsc#1224413</a>
</li>
<li style="display: inline;">
<a href="https://jira.suse.com/browse/PED-11066">jsc#PED-11066</a>
</li>
<li style="display: inline;">
<a href="https://jira.suse.com/browse/PED-1174">jsc#PED-1174</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>
Cross-References:
</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-39929.html">CVE-2023-39929</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">
<li class="list-group-item">
<span
class="cvss-reference">CVE-2023-39929</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">6.7</span>
<span
class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H</span>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">openSUSE Leap
15.4</li>
<li class="list-group-item">SUSE Linux
Enterprise High Performance Computing 15 SP4</li>
<li class="list-group-item">SUSE Linux
Enterprise High Performance Computing ESPOS 15 SP4</li>
<li class="list-group-item">SUSE Linux
Enterprise High Performance Computing LTSS 15 SP4</li>
<li class="list-group-item">SUSE Linux
Enterprise Server 15 SP4</li>
<li class="list-group-item">SUSE Linux
Enterprise Server 15 SP4 LTSS</li>
<li class="list-group-item">SUSE Linux
Enterprise Server for SAP Applications 15 SP4</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that solves one vulnerability, contains two features and
has two security fixes can now be installed.</p>
<h2>Description:</h2>
<p>This update for libva fixes the following issues:</p>
<p>Update to libva version 2.20.0, which includes security fix
for:</p>
<ul>
<li>CVE-2023-39929: Uncontrolled search path may allow an authenticated
user to escalate privilege via local access (bsc#1224413,
jsc#PED-11066)</li>
</ul>
<p>This includes latest version of one of the components needed for
Video (processing) hardware support on Intel GPUs (bsc#1217770)</p>
<p>Update to version 2.20.0:</p>
<ul>
<li>av1: Revise offsets comments for av1 encode</li>
<li>drm:<ul>
<li>Limit the array size to avoid out of range</li>
<li>Remove no longer used helpers</li>
</ul>
</li>
<li>jpeg: add support for crop and partial decode</li>
<li>trace:<ul>
<li>Add trace for vaExportSurfaceHandle</li>
<li>Unlock mutex before return</li>
<li>Fix minor issue about printf data type and value range</li>
</ul>
</li>
<li>va/backend:<ul>
<li>Annotate vafool as deprecated</li>
<li>Document the vaGetDriver* APIs</li>
</ul>
</li>
<li>va/x11/va_fglrx: Remove some dead code</li>
<li>va/x11/va_nvctrl: Remove some dead code</li>
<li>va:<ul>
<li>Add new VADecodeErrorType to indicate the reset happended in
the driver</li>
<li>Add vendor string on va_TraceInitialize</li>
<li>Added Q416 fourcc (three-plane 16-bit YUV 4:4:4)</li>
<li>Drop no longer applicable vaGetDriverNames check</li>
<li>Fix:don't leak driver names, when override is set</li>
<li>Fix:set driver number to be zero if vaGetDriverNames
failed</li>
<li>Optimize code of getting driver name for all protocols/os
(wayland,x11,drm,win32,android)</li>
<li>Remove legacy code paths</li>
<li>Remove unreachable "DRIVER BUG"</li>
</ul>
</li>
<li>win32:<ul>
<li>Only print win32 driver messages in DEBUG builds</li>
<li>Remove duplicate adapter_luid entry</li>
</ul>
</li>
<li>x11/dri2: limit the array handling to avoid out of range
access</li>
<li>x11:<ul>
<li>Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var</li>
<li>Implement vaGetDriverNames</li>
<li>Remove legacy code paths</li>
</ul>
</li>
</ul>
<p>Update to 2.19.0:</p>
<ul>
<li>add: Add mono_chrome to VAEncSequenceParameterBufferAV1</li>
<li>add: Enable support for license acquisition of multiple protected
playbacks</li>
<li>fix: use secure_getenv instead of getenv</li>
<li>trace: Improve and add VA trace log for AV1 encode</li>
<li>trace: Unify va log message, replace va_TracePrint with
va_TraceMsg.</li>
</ul>
<p>Update to version 2.18.0:</p>
<ul>
<li>doc: Add build and install libva informatio in home page.</li>
<li>fix:<ul>
<li>Add libva.def into distribution package</li>
<li>NULL check before calling strncmp.</li>
<li>Remove reference to non-existent symbol</li>
</ul>
</li>
<li>meson: docs:<ul>
<li>Add encoder interface for av1</li>
<li>Use libva_version over project_version()</li>
</ul>
</li>
<li>va:<ul>
<li>Add VAProfileH264High10</li>
<li>Always build with va-messaging API</li>
<li>Fix the codying style of CHECK_DISPLAY</li>
<li>Remove Android pre Jelly Bean workarounds</li>
<li>Remove dummy isValid() hook</li>
<li>Remove unused drm_sarea.h include & ANDROID references in
va_dricommon.h</li>
<li>va/sysdeps.h: remove Android section</li>
</ul>
</li>
<li>x11:<ul>
<li>Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var</li>
<li>Use LIBVA_DRI3_DISABLE in GetNumCandidates</li>
</ul>
</li>
</ul>
<p>update to 2.17.0:</p>
<ul>
<li>win: Simplify signature for driver name loading</li>
<li>win: Rewrite driver registry query and fix some
bugs/leaks/inefficiencies</li>
<li>win: Add missing null check after calloc</li>
<li>va: Update security disclaimer</li>
<li>dep:remove the file .cvsignore</li>
<li>pkgconfig: add 'with-legacy' for emgd, nvctrl and
fglrx</li>
<li>meson: add 'with-legacy' for emgd, nvctrl and
fglrx</li>
<li>x11: move all FGLRX code to va_fglrx.c</li>
<li>x11: move all NVCTRL code to va_nvctrl.c</li>
<li>meson: stop using deprecated meson.source_root()</li>
<li>meson: stop using configure_file copy=true</li>
<li>va: correctly include the win32 (local) headers</li>
<li>win: clean-up the coding style</li>
<li>va: dos2unix all the files</li>
<li>drm: remove unnecessary dri2 version/extension query</li>
<li>trace: annotate internal functions with DLL_HIDDEN</li>
<li>build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use
<em>GNUC</em>
support level attribute instead</li>
<li>meson: Check support for -Wl,-version-script and build link_args
accordingly</li>
<li>meson: Set va_win32 soversion to '' and remove the
install_data rename</li>
<li>fix: resouce check null</li>
<li>va_trace: Add Win32 memory types in
va_TraceSurfaceAttributes</li>
<li>va_trace: va_TraceSurfaceAttributes should check the
VASurfaceAttribMemoryType</li>
<li>va: Adds Win32 Node and Windows build support</li>
<li>va: Adds compat_win32 abstraction for Windows build and prepares va
common code for windows build</li>
<li>pkgconfig: Add Win32 package for when WITH_WIN32 is
enabled</li>
<li>meson: Add with_win32 option, makes libdrm non-mandatory on
Win</li>
<li>x11: add basic DRI3 support</li>
<li>drm: remove VA_DRM_IsRenderNodeFd() helper</li>
<li>
<p>drm: add radeon drm + radeonsi mesa combo</p>
</li>
<li>
<p>needed for jira#PED-1174 (Video decoding/encoding support
(VA-API, ...) for Intel GPUs is outside of Mesa)</p>
</li>
</ul>
<p>Update to 2.16.0:</p>
<ul>
<li>add: Add HierarchicalFlag & hierarchical_level_plus1 for
AV1e.</li>
<li>dep: Update README.md to remove badge links</li>
<li>dep: Removed waffle-io badge from README to fix broken
link</li>
<li>dep: Drop mailing list, IRC and Slack</li>
<li>autotools: use wayland-scanner private-code</li>
<li>autotools: use the wayland-scanner.pc to locate the prog</li>
<li>meson: use wayland-scanner private-code</li>
<li>meson: request native wayland-scanner</li>
<li>meson: use the wayland-scanner.pc to locate the prog</li>
<li>meson: set HAVE_VA_X11 when applicable</li>
<li>style:Correct slight coding style in several new commits</li>
<li>trace: add Linux ftrace mode for va trace</li>
<li>trace: Add missing pthread_mutex_destroy</li>
<li>drm: remove no-longer needed X == X mappings</li>
<li>drm: fallback to drm driver name == va driver name</li>
<li>drm: simplify the mapping table</li>
<li>x11: simplify the mapping table</li>
</ul>
<p>Update to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2
Release 22.4.4</p>
<p>Update to 2.15.0:</p>
<ul>
<li>Add: new display HW attribute to report PCI ID</li>
<li>Add: sample depth related parameters for AV1e</li>
<li>Add: refresh_frame_flags for AV1e</li>
<li>Add: missing fields in
va_TraceVAEncSequenceParameterBufferHEVC.</li>
<li>Add: nvidia-drm to the drm driver map</li>
<li>Add: type and buffer for delta qp per block</li>
<li>Deprecation: remove the va_fool support</li>
<li>Fix:Correct the version of meson build on master branch</li>
<li>Fix:X11 DRI2: check if device is a render node</li>
<li>Build:Use also strong stack protection if supported</li>
<li>Trace:print the string for profile/entrypoint/configattrib</li>
</ul>
<p>Update to 2.14.0:</p>
<ul>
<li>add: Add av1 encode interfaces</li>
<li>add: VA/X11 VAAPI driver mapping for crocus DRI driver</li>
<li>doc: Add description of the fd management for surface
importing</li>
<li>ci: fix freebsd build</li>
<li>
<p>meson: Copy public headers to build directory to support
subproject</p>
</li>
<li>
<p>CVE-2023-39929: Fixed an issue where an uncontrolled search path may
allow authenticated users to escalate privilege via local access. (bsc#1224413)</p>
</li>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper
patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
openSUSE Leap 15.4
<br/>
<code>zypper in -t patch
SUSE-2025-1452=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1452=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1452=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Server 15 SP4 LTSS
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1452=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Server for SAP Applications 15 SP4
<br/>
<code>zypper in -t patch
SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1452=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
<ul>
<li>libva-drm2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-devel-2.20.0-150400.3.5.1</li>
<li>libva-x11-2-2.20.0-150400.3.5.1</li>
<li>libva2-2.20.0-150400.3.5.1</li>
<li>libva-gl-devel-2.20.0-150400.3.5.1</li>
<li>libva-glx2-2.20.0-150400.3.5.1</li>
<li>libva-x11-2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-gl-debugsource-2.20.0-150400.3.5.1</li>
<li>libva-glx2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-wayland2-2.20.0-150400.3.5.1</li>
<li>libva-debugsource-2.20.0-150400.3.5.1</li>
<li>libva-wayland2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-drm2-2.20.0-150400.3.5.1</li>
<li>libva2-debuginfo-2.20.0-150400.3.5.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (x86_64)
<ul>
<li>libva-glx2-32bit-2.20.0-150400.3.5.1</li>
<li>libva-drm2-32bit-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-wayland2-32bit-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-devel-32bit-2.20.0-150400.3.5.1</li>
<li>libva-x11-2-32bit-2.20.0-150400.3.5.1</li>
<li>libva2-32bit-2.20.0-150400.3.5.1</li>
<li>libva-x11-2-32bit-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-glx2-32bit-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-gl-devel-32bit-2.20.0-150400.3.5.1</li>
<li>libva2-32bit-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-wayland2-32bit-2.20.0-150400.3.5.1</li>
<li>libva-drm2-32bit-2.20.0-150400.3.5.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (aarch64_ilp32)
<ul>
<li>libva-glx2-64bit-2.20.0-150400.3.5.1</li>
<li>libva-drm2-64bit-2.20.0-150400.3.5.1</li>
<li>libva-glx2-64bit-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva2-64bit-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-gl-devel-64bit-2.20.0-150400.3.5.1</li>
<li>libva-drm2-64bit-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-wayland2-64bit-2.20.0-150400.3.5.1</li>
<li>libva-x11-2-64bit-2.20.0-150400.3.5.1</li>
<li>libva-devel-64bit-2.20.0-150400.3.5.1</li>
<li>libva2-64bit-2.20.0-150400.3.5.1</li>
<li>libva-x11-2-64bit-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-wayland2-64bit-debuginfo-2.20.0-150400.3.5.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise High Performance Computing ESPOS 15
SP4 (aarch64 x86_64)
<ul>
<li>libva-drm2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-devel-2.20.0-150400.3.5.1</li>
<li>libva-x11-2-2.20.0-150400.3.5.1</li>
<li>libva2-2.20.0-150400.3.5.1</li>
<li>libva-x11-2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-wayland2-2.20.0-150400.3.5.1</li>
<li>libva-debugsource-2.20.0-150400.3.5.1</li>
<li>libva-wayland2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-drm2-2.20.0-150400.3.5.1</li>
<li>libva2-debuginfo-2.20.0-150400.3.5.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise High Performance Computing LTSS 15
SP4 (aarch64 x86_64)
<ul>
<li>libva-drm2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-devel-2.20.0-150400.3.5.1</li>
<li>libva-x11-2-2.20.0-150400.3.5.1</li>
<li>libva2-2.20.0-150400.3.5.1</li>
<li>libva-x11-2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-wayland2-2.20.0-150400.3.5.1</li>
<li>libva-debugsource-2.20.0-150400.3.5.1</li>
<li>libva-wayland2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-drm2-2.20.0-150400.3.5.1</li>
<li>libva2-debuginfo-2.20.0-150400.3.5.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le
s390x x86_64)
<ul>
<li>libva-drm2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-devel-2.20.0-150400.3.5.1</li>
<li>libva-x11-2-2.20.0-150400.3.5.1</li>
<li>libva2-2.20.0-150400.3.5.1</li>
<li>libva-x11-2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-wayland2-2.20.0-150400.3.5.1</li>
<li>libva-debugsource-2.20.0-150400.3.5.1</li>
<li>libva-wayland2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-drm2-2.20.0-150400.3.5.1</li>
<li>libva2-debuginfo-2.20.0-150400.3.5.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Server for SAP Applications 15 SP4
(ppc64le x86_64)
<ul>
<li>libva-drm2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-devel-2.20.0-150400.3.5.1</li>
<li>libva-x11-2-2.20.0-150400.3.5.1</li>
<li>libva2-2.20.0-150400.3.5.1</li>
<li>libva-x11-2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-wayland2-2.20.0-150400.3.5.1</li>
<li>libva-debugsource-2.20.0-150400.3.5.1</li>
<li>libva-wayland2-debuginfo-2.20.0-150400.3.5.1</li>
<li>libva-drm2-2.20.0-150400.3.5.1</li>
<li>libva2-debuginfo-2.20.0-150400.3.5.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-39929.html">https://www.suse.com/security/cve/CVE-2023-39929.html</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1202828">https://bugzilla.suse.com/show_bug.cgi?id=1202828</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217770">https://bugzilla.suse.com/show_bug.cgi?id=1217770</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1224413">https://bugzilla.suse.com/show_bug.cgi?id=1224413</a>
</li>
<li>
<a href="https://jira.suse.com/browse/PED-11066">https://jira.suse.com/browse/PED-11066</a>
</li>
<li>
<a href="https://jira.suse.com/browse/PED-1174">https://jira.suse.com/browse/PED-1174</a>
</li>
</ul>
</div>
--===============3000605973549428172==--
|
