Synopsis: Moderate: libvpx security update
Advisory ID: SLSA-2020:3876-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2019-9433
CVE-2019-9232
CVE-2020-0034
CVE-2017-0393
—
Security Fix(es):
* libvpx: Denial of service in mediaserver (CVE-2017-0393)
* libvpx: Out of bounds read in vp8_norm table (CVE-2019-9232)
* libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c
(CVE-2019-9433)
* libvpx: Out of bounds read in vp8_decode_frame in decodeframe.c
(CVE-2020-0034)
—
SL7
x86_64
libvpx-1.3.0-8.el7.x86_64.rpm
libvpx-1.3.0-8.el7.i686.rpm
libvpx-debuginfo-1.3.0-8.el7.i686.rpm
libvpx-debuginfo-1.3.0-8.el7.x86_64.rpm
libvpx-devel-1.3.0-8.el7.i686.rpm
libvpx-devel-1.3.0-8.el7.x86_64.rpm
libvpx-utils-1.3.0-8.el7.x86_64.rpm
– Scientific Linux Development Team
