Debian Security Advisory 5510-1

Debian Security Advisory 5510-1: Posted Oct 2, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5510-1 - Clement Lecigne discovered a heap-based buffer overflow in libvpx, a multimedia library for the VP8 and VP9 video codecs, which may result in the execution of arbitrary code if a specially crafted VP8 media stream is processed.; tags | advisory, overflow, arbitrary; systems | linux, debian; advisories | CVE-2023-5217; SHA-256 | b4dcffb697fe696e6e00d091270e45177bfc156ae9ad8536bd789d4e459ada94; Download | Favorite | View

Debian Security Advisory 5510-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5510-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 29, 2023                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libvpx
CVE ID         : CVE-2023-5217
Debian Bug     : 1053182

Clement Lecigne discovered a heap-based buffer overflow in libvpx, a
multimedia library for the VP8 and VP9 video codecs, which may result in
the execution of arbitrary code if a specially crafted VP8 media stream
is processed.

For the oldstable distribution (bullseye), this problem has been fixed
in version 1.9.0-1+deb11u1.

For the stable distribution (bookworm), this problem has been fixed in
version 1.12.0-1+deb12u1.

We recommend that you upgrade your libvpx packages.

For the detailed security status of libvpx please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/libvpx

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmUXPQxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0RFDA/9GmZkMOfqEBNeItASvUeQAbPu9w7hh/Ah/Ox9gSFZMvD5QmGTs6Zp8lZY
TmOKS2Ls1rgQnfM/c+dm6Le4H9e+EtGYvLI0P6KjIk3T+rA+55os3WoUE99KJsZr
j0AZM0jsmaQVuV1MbJIJSGo6a49qRkSIF4eS7/rws8xImu73EgcPQiWep70kF8/i
dqnYYqFEKJwT3Oxp2h4zYLM8Jqt8ji4caTHle20rcQ1tdOBCcqDWH87aNk1kqhWE
Le281K7sDVYlpyIGSZRsvHbTusESlvp+92sRIQPRDdpMMkSgACBDcHpfCHiJDofD
Dn+6Z4zA5XRxHOKlHvYvrg9lDSA1eu9V7oaR2YoBRfIcwd4HxB535FjJRNDGtt+0
thJnuv+zjiA2yK/GTBju52q+96qGcXhPrGOZiQeth4SdxVnK3FKc3lB6HbMgs4ZE
RZNhs7AJ4I7pnyX6d8Zux3kPjejrdvBOFT8L+gNYzYn0tkcKHdpK2Xj0OMKboDLF
xw26i8GgNb9RUht6Seb1dk2bnel2fJ+rqgxkltpVuTIFjQ942YtHm/a9xj6FLK3D
6CtX1masIZ53uo51k2qWAGJWUqovasIQQHBUeOHgFHw+lHNHNlSsiblu6xc9y4B4
2vpozR449Q3volOr7t7oWv/pmsqrd48ByYXj7NESzD/bm4uOo9E=
=NrxQ
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 287 files
Ubuntu 58 files
Gentoo 32 files
Debian 25 files
Apple 9 files
malvuln 6 files
nu11secur1ty 5 files
Google Security Research 5 files
Jann Horn 5 files
Ahmet Umit Bayram 4 files

File Archives

Systems

AIX (429)
Apple (2,087)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,042)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,642)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,788)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,504)
UNIX (9,401)
UnixWare (187)
Windows (6,659)
Other

Debian Security Advisory 5510-1

Debian Security Advisory 5510-1

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5510-1

Share This

Debian Security Advisory 5510-1

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems