1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5518-1] libvpx security update

    From Salvatore Bonaccorso@21:1/5 to All on Thu Oct 5 21:20:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5518-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso October 05, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : libvpx
    CVE ID : CVE-2023-44488

    It was discovered that missing input sanitising in the encoding support
    in libvpx, a multimedia library for the VP8 and VP9 video codecs, may
    result in denial of service.

    For the oldstable distribution (bullseye), this problem has been fixed
    in version 1.9.0-1+deb11u2.

    For the stable distribution (bookworm), this problem has been fixed in
    version 1.12.0-1+deb12u2.

    We recommend that you upgrade your libvpx packages.

    For the detailed security status of libvpx please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/libvpx

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmUfC+hfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0ShFg//d7Jd4qC4wXcyMie8BhtQ+mJWjauimf/INZ3HpuFvJy/dXcewbS54rjX6 bCoA7Ph+eMSrHpB8HT7F36kM7bGGHhgiqRacDgyWhTo2I/ypEEuWj0BK29js7ajr vWokgkDIK4xZFqmqV6fKfD2tEa/3IdGxoreuBvta0VOi0mTe1jcuSyiro+DOGCxk SnFpt5Iyvc/uoc+QP3KbqwLqKH8KNOUZDpeIYu3lDByLRDaseuOBuKYGSQsx2lfG 3P5TmAAHJi4KCDm1vpTJW3ifHo7QJkRWhKSfQv66+Lqz3nLfhZR9D9nD9kExFnxP cNCJZqrSdYjtHDXm8VVD+MY2L8ZRCnJkN6Wp9aQHK7i3jhqTv2nsK1mTEbv9HmHo ngfFmXskzgxlnY/5Ye1MSpRflnYskkC7AG/52vYWE00aXnY9OH0Lb7LIseu/YpeY SrSAPcC5ldWgFLH1xfczXgl43Q7bDVYBoiDFGuA6Z1bP0rexuvbKEBBmiEFAOR/F kLE8HbovvuXhGMvpN2RLWGAl7EuBAAJGR/q1/XcQpcdCPVUdkz0YG//o1uNTlUeQ JkiQSzQFBwfvLF0MwnJ/bi7YIZeinEb0bBki01npLvQizafSz4HFyhAQIiRbrQFy 3sVX4BipmVNdzOktp4L62EtKlYFr7fm8/aBZDVtrcn9Lg0CQfkg=
    =EqLq
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)