• [SECURITY] [DSA 5490-1] aom security update

    From Markus Koschany@21:1/5 to All on Wed Sep 6 01:00:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5490-1 security@debian.org https://www.debian.org/security/ Markus Koschany September 06, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : aom
    CVE ID : CVE-2020-36130 CVE-2020-36131 CVE-2020-36133 CVE-2020-36135
    CVE-2021-30473 CVE-2021-30474 CVE-2021-30475

    Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed.

    For the oldstable distribution (bullseye), these problems have been fixed
    in version 1.0.0.errata1-3+deb11u1.

    We recommend that you upgrade your aom packages.

    For the detailed security status of aom please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/aom

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmT3rHBfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeSTUw//f5aA9QXBT7ro8HZITTZFs0LH6PAc12iyc3ajZDldlKnapdt3d/QmtNyP w/Xv+rG1gY/1/VJg0Id6mEXqpMuuDHQvv3db7QeAn2P/JWK+qnS7o/rxJdtqbtgk uiDQ79AbmCNG6Km7J5pZuvzW7zY5QKcLEwpG0Xzjn+Uf0prtw1nLQU8sVs/MWLFz WxIym8+QT+xwrjj5j5wfXzhmMQJxKLVhn12zV0ZHYJ6RR3eKDKCJNpTkYia+OdQF 573X50sStBUrs8DBguRemWfkOdaBnqcDscFX0ody+UWwQ4a7b2PlN8U4cyhEQ92B gEL57afIo9nrIYT4hHKjEWzYKN/O/NGm3bDol2xFlJkiXQvpildPMPNVChpnqudP Vz9A78qJDtyJ6P0/VTeLjhB8uJcSMZUoLNXzH4XwObd1uAHow8/tHl32WK+1CdVi e1qfCpKscDEL7O+Mn315K3xu6WfQ+volXlsPn+NbDtRsNvnSvbTbEvhBWByr8VpC OG+oMdoHvzqL+4aIA1lL7aioLCBNYH2F4ZQX7DabnLfcpbWWHXqswNAlv5UL+Mcm DA84RJgGycQS77gbvTsPvYYw+iuGNDVHiI+jtIsAROqwmmwtOXNb61GZLe8JpokA kZClfhja3DOxZE+LaPWPFECxmHlIQRf1Q81h5whD97WNDSgYz8E=
    =vlUG
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)