Security Information / 2023 / Security Information -- DSA-5490-1 aom

Debian Security Advisory

DSA-5490-1 aom -- security update

Date Reported:

06 Sep 2023

Affected Packages:

aom

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2020-36130, CVE-2020-36131, CVE-2020-36133, CVE-2020-36135, CVE-2021-30473, CVE-2021-30474, CVE-2021-30475.

More information:

Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed.

For the oldstable distribution (bullseye), these problems have been fixed in version 1.0.0.errata1-3+deb11u1.

We recommend that you upgrade your aom packages.

For the detailed security status of aom please refer to its security tracker page at: https://security-tracker.debian.org/tracker/aom