Univention Bugzilla – Bug 54170
libvpx: Multiple issues (4.4)
Last modified: 2021-12-01 16:07:22 CET
New Debian libvpx 1.6.1-3+deb9u3 fixes: This update addresses the following issue: * Out of bounds read in vp8_decode_frame in decodeframe.c (CVE-2020-0034)
--- mirror/ftp/4.4/unmaintained/4.4-4/source/libvpx_1.6.1-3+deb9u2.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/libvpx_1.6.1-3+deb9u3.dsc @@ -1,3 +1,9 @@ +1.6.1-3+deb9u3 [Sat, 27 Nov 2021 21:10:41 +0200] Adrian Bunk <bunk@debian.org>: + + * Non-maintainer upload. + * CVE-2020-0034: Fix an out-of-bounds buffer read on truncated + key frames in vp8_decode_frame. + 1.6.1-3+deb9u2 [Wed, 27 Nov 2019 00:55:50 +0100] Moritz Mühlenhoff <jmm@debian.org>: * CVE-2019-9232 CVE-2019-9325 CVE-2019-9433 <http://piuparts.knut.univention.de/4.4-8/#5849009131133204635>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-8] 4b415ab72c Bug #54170: libvpx 1.6.1-3+deb9u3 doc/errata/staging/libvpx.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x1114>