Package "vpx-tools"
Name: |
vpx-tools
|
Description: |
VP8 and VP9 video codec encoding/decoding tools
|
Latest version: |
1.5.0-2ubuntu1.1 |
Release: |
xenial (16.04) |
Level: |
security |
Repository: |
universe |
Head package: |
libvpx |
Homepage: |
http://www.webmproject.org |
Links
Download "vpx-tools"
Other versions of "vpx-tools" in Xenial
Changelog
libvpx (1.5.0-2ubuntu1.1) xenial-security; urgency=medium
* SECURITY UPDATE: image width alignment issue
- debian/patches/CVE-2017-13194-1.patch: fix image width alignment in
vpx/src/vpx_image.c.
- debian/patches/CVE-2017-13194-2.patch: fix alignment without external
allocation in vpx/src/vpx_image.c.
- CVE-2017-13194
* SECURITY UPDATE: double free in ParseContentEncodingEntry
- debian/patches/CVE-2019-2126.patch: set compression_entries_ to NULL
in third_party/libwebm/mkvparser/mkvparser.cc.
- CVE-2019-2126
* SECURITY UPDATE: out of bounds read
- debian/patches/CVE-2019-9232.patch: use unsigned char in
vp8/decoder/dboolhuff.h, vpx_dsp/bitreader.h.
- CVE-2019-9232
* SECURITY UPDATE: out of bounds read
- debian/patches/CVE-2019-9325.patch: fix size in vp9/vp9_dx_iface.c,
vpx_dsp/bitreader_buffer.c, test/decode_api_test.cc.
- CVE-2019-9325
* SECURITY UPDATE: memory disclosure issue
- debian/patches/CVE-2019-9433.patch: fix use-after-free in
vp8/common/postproc.c.
- CVE-2019-9433
-- Marc Deslauriers <email address hidden> Tue, 19 Nov 2019 11:26:37 -0500
|
CVE-2017-13194 |
A vulnerability in the Android media framework (libvpx) related to odd frame width. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android |
CVE-2019-2126 |
In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote co |
CVE-2019-9232 |
In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional |
CVE-2019-9325 |
In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional |
CVE-2019-9433 |
In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no addi |
|
About
-
Send Feedback to @ubuntu_updates