• [SECURITY] [DSA 5753-1] aom security update

    From Moritz Muehlenhoff@21:1/5 to All on Wed Aug 21 11:00:01 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5753-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 21, 2024 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : aom
    CVE ID : CVE-2024-5171

    An integer overflow was discovered in aom, the AV1 Video Codec Library,
    which could potentially result in the execution of arbitrary code if a malformed media file is processed.

    For the stable distribution (bookworm), this problem has been fixed in
    version 3.6.0-1+deb12u1.

    We recommend that you upgrade your aom packages.

    For the detailed security status of aom please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/aom

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmbFp98ACgkQEMKTtsN8 TjYsMg/+KgU0TbThS5lmxeF3R4ylqiQv/AQzhMO2WQsBzG7687pRfV7jfJFmOPQB +FisQHJpyd++sVuqe9ZLBlmnOpxlAtBN8o746rRMgEJLRQtKoZ5SQK7Eg4/9a1pe PPgxT88jjehowIJDG/glVGMQ4k3NUeKSkTgk1hkmUwm95xvSVOmQTux41E7tmmrA x7rWG4YTUVOwwfUufwlEF8P+7K2qZQZ34JzgQjXlH3uklTXiGypwaNjt5Biave2N KwBX5I1draUgKVC5NI+RcqeuehHbwwCTuOxe6jP18GBjR4dFSBCzeOL22Hgaeql9 2etXaPoz1B8xJscPpDXs4QM5m0HyBUXFnrZvzp2earvXVvKI2yUoWMGdPK6Isob4 W9vOi1vy3TqznTUrSottXr5ILI6jYWsIEDpnmO1IwWQ3xOIM4/ARNHK56oyJRYF5 eF5jhH7ASKKY+arMSG3VyGeZzbdEDc8gnxfeBcH4WYLFMWJ8tKTm3SZ4kRbX9VGi qt0nFthtjsMMmEgyzv2crJNVn2LMOcE0FCxTuT7hRWvSGkkWcwxeqEjrQtErpaNE WqMtdpjaiXEQiCEmmi9AtPIK1AY3+/ljznZChbtC6Q7H5GXTJ3k2VLeV0liXc6T7 aFIzHkEqb0zEbkX/Ujp1Oz20SwS93qACAWdk5lt4uprs67+7DmU=
    =0TQI
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)