DLA 2012-1: libvpx security update

Debian 9922 Published by

A libvpx security update is available for Debian GNU/Linux 8 LTS to address several issues



Package : libvpx
Version : 1.3.0-3+deb8u2
CVE ID : CVE-2019-9232 CVE-2019-9433

Several issues have been found in libvpx, a VP8 and VP9 video codec.

CVE-2019-9232

There is a possible out of bounds read due to a missing bounds check.
This could lead to remote information disclosure with no additional
execution privileges needed. User interaction is not needed for
exploitation.

CVE-2019-9433

There is a possible information disclosure due to improper input
validation. This could lead to remote information disclosure with
no additional execution privileges needed. User interaction is
needed for exploitation.

For Debian 8 "Jessie", these problems have been fixed in version
1.3.0-3+deb8u2.

We recommend that you upgrade your libvpx packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

DLA 2011-1: xmlrpc-epi security update

Windows 10 Insider Preview Build 19033 released

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...