-
libvpx (1.8.2-1ubuntu0.3) focal-security; urgency=medium
* SECURITY UPDATE: multiple integer overflows
- debian/patches/CVE-2024-5197-pre1.patch: add test/vpx_image_test.cc.
- debian/patches/CVE-2024-5197-1.patch: fix integer overflows in calc
of stride_in_bytes in test/vpx_image_test.cc, vpx/src/vpx_image.c.
- debian/patches/CVE-2024-5197-2.patch: avoid integer overflows in
arithmetic operations in test/vpx_image_test.cc, vpx/src/vpx_image.c,
vpx/vpx_image.h.
- debian/patches/CVE-2024-5197-3.patch: fix a bug in alloc_size for
high bit depths in vpx/src/vpx_image.c.
- CVE-2024-5197
-- Marc Deslauriers <email address hidden> Wed, 05 Jun 2024 10:07:37 -0400
-
libvpx (1.8.2-1ubuntu0.2) focal-security; urgency=medium
* SECURITY UPDATE: Heap buffer overflow in vp8 encoding
- debian/patches/CVE-2023-5217.patch: disallow thread count changes
in vp8/encoder/onyx_if.c.
- CVE-2023-5217
* SECURITY UPDATE: Width mishandling in vp9 encoding
- debian/patches/CVE-2023-44488.patch: fix bug with smaller width
bigger size in test/resize_test.cc, vp9/common/vp9_alloccommon.c,
vp9/encoder/vp9_encoder.c.
- CVE-2023-44488
-- Marc Deslauriers <email address hidden> Mon, 02 Oct 2023 06:43:10 -0400
-
libvpx (1.8.2-1build1) focal; urgency=medium
* No-change rebuild for libgcc-s1 package name change.
-- Matthias Klose <email address hidden> Tue, 24 Mar 2020 15:07:13 +0100
-
libvpx (1.8.2-1) unstable; urgency=medium
* New upstream version 1.8.2.
* Bump Standards-Version to 4.4.1.
-- Ondřej Nový <email address hidden> Fri, 27 Dec 2019 17:59:25 +0100
-
libvpx (1.8.1-2) unstable; urgency=medium
* Uploading to unstable.
-- Ondřej Nový <email address hidden> Mon, 05 Aug 2019 08:46:57 +0200