Fedora 37: libvpx 2023-f696934fbf
Summary
libvpx provides the VP8/VP9 SDK, which allows you to integrate your applications
with the VP8 and VP9 video codecs, high quality, royalty free, open source codecs
deployed on millions of computers and devices worldwide.
Update Information:
Security fixes for CVE-2023-5217 and CVE-2023-44488
Change Log
* Wed Oct 4 2023 Boudhayan Bhattacharya
References
[ 1 ] Bug #2241260 - CVE-2023-5217 libvpx: Heap buffer overflow in vp8 encoding in libvpx [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2241260 [ 2 ] Bug #2241812 - CVE-2023-44488 libvpx: TRIAGE-CVE-2023-44488 libvpx: crash related to VP9 encoding [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2241812
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-f696934fbf' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html