Ubuntu
libvpx package

Change logs for libvpx source package in Disco

Disco (19.04)
Change log

libvpx (1.7.0-3ubuntu0.19.04.1) disco-security; urgency=medium

  * SECURITY UPDATE: double free in ParseContentEncodingEntry
    - debian/patches/CVE-2019-2126.patch: set compression_entries_ to NULL
      in third_party/libwebm/mkvparser/mkvparser.cc.
    - CVE-2019-2126
  * SECURITY UPDATE: out of bounds read
    - debian/patches/CVE-2019-9232.patch: use unsigned char in
      vp8/decoder/dboolhuff.h, vpx_dsp/bitreader.h.
    - CVE-2019-9232
  * SECURITY UPDATE: out of bounds read
    - debian/patches/CVE-2019-9325.patch: fix size in vp9/vp9_dx_iface.c,
      vpx_dsp/bitreader_buffer.c, test/decode_api_test.cc.
    - CVE-2019-9325
  * SECURITY UPDATE: resource exhaustion issue
    - debian/patches/CVE-2019-9371-1.patch: fix logic in
      third_party/libwebm/mkvparser/mkvparser.cc.
    - debian/patches/CVE-2019-9371-2.patch: fix logic in
      third_party/libwebm/mkvparser/mkvparser.cc.
    - CVE-2019-9371
  * SECURITY UPDATE: memory disclosure issue
    - debian/patches/CVE-2019-9433.patch: fix use-after-free in
      vp8/common/postproc.c.
    - CVE-2019-9433

 -- Marc Deslauriers <email address hidden>  Tue, 19 Nov 2019 10:48:25 -0500

libvpx (1.7.0-3) unstable; urgency=medium

  * Uploading to unstable
  * Install examples into libvpx-dev

 -- Ondřej Nový <email address hidden>  Sat, 17 Feb 2018 13:47:07 +0100

Ubuntulibvpx package

Change logs for libvpx source package in Disco

Ubuntu
libvpx package