[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2136-1] libvpx security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libvpx
Version        : 1.3.0-3+deb8u3
CVE ID         : CVE-2020-0034

It was discovered that there was an out-of-bounds buffer read
vulnerability in libvpx, a library implementing the VP8 & VP9 video
codecs.

For Debian 8 "Jessie", this issue has been fixed in libvpx version
1.3.0-3+deb8u3.

We recommend that you upgrade your libvpx packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl5mi5AACgkQHpU+J9Qx
Hlj/Rg/9FEti123kCLgJ53t4xrXVV6gVHvZecM0rrvLKa1qlOyK/6B2uKzbA4qn2
uKZKNMddWE52uysfe/xcL4KXzUKAXC7xEpwH+J8W8DXd/Hxu0mD+XeKd9dKKh8DS
LsB77Zr1MSgNDthpAP+n7iZGmQYK59svJhZUh7xVxVAT0E5Jd6nb5ls69c6nCKVv
p7McopsGEaOmsKO6hS8HyRJAbJBfN2FoLT8Xd90mhCjQY+EyS9mUnMboy+N66EzL
x+LbMyvwAcKJ6yTmaCfqJ3jCVAzo0uY/71de6ISyCRG9+mQcNmv5oHY06/uQD3DQ
VEQ/fK7R8tPBLKO5RTXOEGvyoMDIvXzce7D29jKcUCrGJ/9iwJO8Pzmw3brnzu2k
2ox9CVzdi55QNS9fh9qY3IAlwY2/SCA2CZGDlD72LlYwStzZ8KGDqHDHcpRyIt5E
ukhu2s0rBGMhnywF9VG4oSMloQu0vPcBJ/gGmUMyQ0WGOm5Zl0eSxQ+y2WiVK9kL
mmScNM7IKn+C7VFJoA0GvgTe3vquTjX7eY6U5qW8pg+12L8wLMm1cm92/EjIaZtH
nW8JGo+ccMKUAEgig7/SzrofAHPrr7poF/5YO+OpN5VCX9VpzSA3GWlSARKAM4Cx
Ok19HrdBTrHKY+OBZSwDT245nzEH9tfKDsNAXpY+OMbQffRfmlU=
=3x5G
-----END PGP SIGNATURE-----
Reply to: