Format: 1.8 Date: Tue, 19 Nov 2019 11:26:37 -0500 Source: libvpx Binary: libvpx-dev libvpx3 libvpx3-dbg libvpx-doc vpx-tools Architecture: armhf Version: 1.5.0-2ubuntu1.1 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libvpx-dev - VP8 and VP9 video codec (development files) libvpx-doc - VP8 and VP9 video codec (API documentation) libvpx3 - VP8 and VP9 video codec (shared library) libvpx3-dbg - VP8 and VP9 video codec (debugging symbols) vpx-tools - VP8 and VP9 video codec encoding/decoding tools Changes: libvpx (1.5.0-2ubuntu1.1) xenial-security; urgency=medium . * SECURITY UPDATE: image width alignment issue - debian/patches/CVE-2017-13194-1.patch: fix image width alignment in vpx/src/vpx_image.c. - debian/patches/CVE-2017-13194-2.patch: fix alignment without external allocation in vpx/src/vpx_image.c. - CVE-2017-13194 * SECURITY UPDATE: double free in ParseContentEncodingEntry - debian/patches/CVE-2019-2126.patch: set compression_entries_ to NULL in third_party/libwebm/mkvparser/mkvparser.cc. - CVE-2019-2126 * SECURITY UPDATE: out of bounds read - debian/patches/CVE-2019-9232.patch: use unsigned char in vp8/decoder/dboolhuff.h, vpx_dsp/bitreader.h. - CVE-2019-9232 * SECURITY UPDATE: out of bounds read - debian/patches/CVE-2019-9325.patch: fix size in vp9/vp9_dx_iface.c, vpx_dsp/bitreader_buffer.c, test/decode_api_test.cc. - CVE-2019-9325 * SECURITY UPDATE: memory disclosure issue - debian/patches/CVE-2019-9433.patch: fix use-after-free in vp8/common/postproc.c. - CVE-2019-9433 Checksums-Sha1: 1e53940e0563b009384c0875f1b806cf3f7ae968 978 libvpx-dev-dbgsym_1.5.0-2ubuntu1.1_armhf.ddeb f6fb98f01cd1f4b3b2912285da82cccc6bee868c 485216 libvpx-dev_1.5.0-2ubuntu1.1_armhf.deb 384e17eb68eece496d8259deefcb34c55f60e33b 2078346 libvpx3-dbg_1.5.0-2ubuntu1.1_armhf.deb 9ff29af41b9ae5850bc01f39de3b6369c99c4f28 938 libvpx3-dbgsym_1.5.0-2ubuntu1.1_armhf.ddeb 7844a8028deed04f3c41694a6d64d08e4023b9c4 951692 libvpx3_1.5.0-2ubuntu1.1_armhf.deb 7caaf47894db437d07b26b64463f13daa861710d 952 vpx-tools-dbgsym_1.5.0-2ubuntu1.1_armhf.ddeb 20b331d6c03fb2df3743f06a3844367cbe26b7d0 101062 vpx-tools_1.5.0-2ubuntu1.1_armhf.deb Checksums-Sha256: 72554d255937cb67316c758f6cf8ed4285373ecbf1d0a067f593f0a308becd35 978 libvpx-dev-dbgsym_1.5.0-2ubuntu1.1_armhf.ddeb fe5cdf7d8ea6781f97c502d272f73542d1519e330c79fdd6cc7848a354c4e013 485216 libvpx-dev_1.5.0-2ubuntu1.1_armhf.deb b70b828bb79b7b0b01aeb83388cd1e813299ba6278016fa4078dbe806f09ebda 2078346 libvpx3-dbg_1.5.0-2ubuntu1.1_armhf.deb 79750a5faeb1b0ed68efe18c5c073d3141ffd0652a0c0ce8234d81d1987aca5b 938 libvpx3-dbgsym_1.5.0-2ubuntu1.1_armhf.ddeb 700d69c3aac6035b7f9485b506f014d1ecbbfada3fe2a0b827cd51c0c11c9f85 951692 libvpx3_1.5.0-2ubuntu1.1_armhf.deb 041e12a9f724ab07c5cc201105b8d674595d31d443b6bb45d8d8cecdc3a22a42 952 vpx-tools-dbgsym_1.5.0-2ubuntu1.1_armhf.ddeb 8dc4b82541c4159afa993bc8143c8172b49c4ae4e0ef1e14c0cf5f80a67adbb4 101062 vpx-tools_1.5.0-2ubuntu1.1_armhf.deb Files: 7e430b63777cfce0baedbc59b884a622 978 libdevel extra libvpx-dev-dbgsym_1.5.0-2ubuntu1.1_armhf.ddeb 0ea6d703218c13a189ff70c51765999d 485216 libdevel optional libvpx-dev_1.5.0-2ubuntu1.1_armhf.deb 5ce10a966dfeb5e6d4307ea8397b69de 2078346 debug extra libvpx3-dbg_1.5.0-2ubuntu1.1_armhf.deb 0c4547942725a383993e7f2a1f6074b7 938 libs extra libvpx3-dbgsym_1.5.0-2ubuntu1.1_armhf.ddeb c193c134dfdfc3fe5167e1929feb2c44 951692 libs optional libvpx3_1.5.0-2ubuntu1.1_armhf.deb c19c4b449955597b57946fbd57dab2bd 952 utils extra vpx-tools-dbgsym_1.5.0-2ubuntu1.1_armhf.ddeb f305b00446d66961338f458601e035ef 101062 utils optional vpx-tools_1.5.0-2ubuntu1.1_armhf.deb Original-Maintainer: Sebastian Dröge