Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 39: FEDORA-2023-11ab34f678 Critical: Libpng Buffer Overflow

fedora
Calendar Grey October 2, 2023
Dist Fedora Esm H88
Fedora 39 has released an update that includes a crucial security fix for libvpx, resolving heap overflow vulnerabilities linked to CVE-2023-5217.
Security fix for CVE-2023-5217

Summary

libvpx provides the VP8/VP9 SDK, which allows you to integrate your applications

with the VP8 and VP9 video codecs, high quality, royalty free, open source codecs

deployed on millions of computers and devices worldwide.

Update Information:

Security fix for CVE-2023-5217

Topics%20covered

Topics Covered

security advisory Fedora critical fix heap overflow video codec libvpx

Change Log

* Fri Sep 29 2023 Neal Gompa - 1.13.0-5 - Minor spec cleanups * Thu Sep 28 2023 Boudhayan Bhattacharya - 1.13.0-4 - Patch for CVE-2023-5217

References


[ 1 ] Bug #2241260 - CVE-2023-5217 libvpx: Heap buffer overflow in vp8 encoding in libvpx [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2241260

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-10ff82e497' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: libvpx
Product: Fedora 39
Version: 1.13.0
Release: 5.fc39
URL: https://www.webmproject.org/code/
Summary: VP8/VP9 Video Codec SDK

Topics%20covered

Topics Covered

security advisory Fedora critical fix heap overflow video codec libvpx

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here