libvpx 1.7.0-3ubuntu0.18.04.1 source package in Ubuntu
Changelog
libvpx (1.7.0-3ubuntu0.18.04.1) bionic-security; urgency=medium
* SECURITY UPDATE: double free in ParseContentEncodingEntry
- debian/patches/CVE-2019-2126.patch: set compression_entries_ to NULL
in third_party/libwebm/mkvparser/mkvparser.cc.
- CVE-2019-2126
* SECURITY UPDATE: out of bounds read
- debian/patches/CVE-2019-9232.patch: use unsigned char in
vp8/decoder/dboolhuff.h, vpx_dsp/bitreader.h.
- CVE-2019-9232
* SECURITY UPDATE: out of bounds read
- debian/patches/CVE-2019-9325.patch: fix size in vp9/vp9_dx_iface.c,
vpx_dsp/bitreader_buffer.c, test/decode_api_test.cc.
- CVE-2019-9325
* SECURITY UPDATE: resource exhaustion issue
- debian/patches/CVE-2019-9371-1.patch: fix logic in
third_party/libwebm/mkvparser/mkvparser.cc.
- debian/patches/CVE-2019-9371-2.patch: fix logic in
third_party/libwebm/mkvparser/mkvparser.cc.
- CVE-2019-9371
* SECURITY UPDATE: memory disclosure issue
- debian/patches/CVE-2019-9433.patch: fix use-after-free in
vp8/common/postproc.c.
- CVE-2019-9433
-- Marc Deslauriers <email address hidden> Tue, 19 Nov 2019 10:48:25 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- video
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Bionic | updates | main | video | |
| Bionic | security | main | video |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libvpx_1.7.0.orig.tar.gz | 2.6 MiB | 1fec931eb5c94279ad219a5b6e0202358e94a93a90cfb1603578c326abfc1238 |
| libvpx_1.7.0-3ubuntu0.18.04.1.debian.tar.xz | 15.5 KiB | cb9d70d5e8cd2a3fbdc13c40ceaf3e7d7aaeb99818a1c17ab3ed1f8ea174e473 |
| libvpx_1.7.0-3ubuntu0.18.04.1.dsc | 2.3 KiB | d430565819d78ed3a12951fef609cf51734f80dd57dbc967a3f2b8a3d51944c7 |
Available diffs
Binary packages built by this source
- libvpx-dev: VP8 and VP9 video codec (development files)
VP8 and VP9 are open video codecs, originally developed by On2 and released
as open source by Google Inc. They are the successor of the VP3 codec,
on which the Theora codec was based.
.
This package contains the development libraries, header files needed by
programs that want to compile with libvpx.
- libvpx-doc: VP8 and VP9 video codec (API documentation)
VP8 and VP9 are open video codecs, originally developed by On2 and released
as open source by Google Inc. They are the successor of the VP3 codec,
on which the Theora codec was based.
.
This package contains the HTML documentation for the libvpx library
in /usr/share/doc/libvpx- doc.
- libvpx5: VP8 and VP9 video codec (shared library)
VP8 and VP9 are open video codecs, originally developed by On2 and released
as open source by Google Inc. They are the successor of the VP3 codec,
on which the Theora codec was based.
.
This package contains the shared libraries.
- libvpx5-dbgsym: debug symbols for libvpx5
- vpx-tools: VP8 and VP9 video codec encoding/decoding tools
VP8 and VP9 are open video codecs, originally developed by On2 and released
as open source by Google Inc. They are the successor of the VP3 codec,
on which the Theora codec was based.
.
This package contains the commandline tools vpxdec and vpxenc.
- vpx-tools-dbgsym: debug symbols for vpx-tools
