-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4578-1 security@xxxxxxxxxx https://www.debian.org/security/ Moritz Muehlenhoff November 28, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libvpx CVE ID : CVE-2019-9232 CVE-2019-9325 CVE-2019-9433 CVE-2019-9371 Multiple security issues were found in libvpx multimedia library which could result in denial of service and potentially the execution of arbitrary code if malformed WebM files are processed. For the oldstable distribution (stretch), these problems have been fixed in version 1.6.1-3+deb9u2. For the stable distribution (buster), these problems have been fixed in version 1.7.0-3+deb10u1. We recommend that you upgrade your libvpx packages. For the detailed security status of libvpx please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libvpx Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl3gI+0ACgkQEMKTtsN8 TjbH9A//S6lvahOTfqwVHzQCkFEgEOgmpwZA9NGnUQJ5omuv2BiSMqGnumje+QaH nYLxz2SDiIhO2BgJbDPiKc2HvsCjybzzMLGhTRmYU3H5O/+4NTTcoYXKdrh/R68f 27gN746Xyi6Dcic4oM7Niz1LxkA5QiZNARx1LNWua99It7RCppYqsqb4nqru485q SnlLt9J+BLlndpHFpBK1O8X/+TLfSnGqq9i/o21VaHGo4eDYAXkSlRE55IhjPnSg Cx7sd/VNxzDvbq9ycsuNKpm7bDD6zifXwAX4aR+NDTG8nRgQmz5ufrLR3u1s6N/o vV9qXXgzLjCQboYCmKFnbNYkWyWRfvhQTSvN9J8/rTCSAoABrUpUw9Pkc2VPcjSM iLdfPSzu1GY/N2KuX7/vqqxlbkGsrd6Ms0VKfIX0WOGIHtuVyhfErgloxRFofNsp inLeosoNHDYc/fb0pqTrJEsiI1AjHRUAr2X8axxV0YOm81t50cH1cK3T84hW4iwZ wCV9SWSpCEP+llunt3OGLHI5/cjlI0TIXN0/HAVvakH07ICSBhYjvXlO62tQO+3T 1CWafBEj9Agq04YmRhjY/hW5axXYjCTeQeYFxLKBmp6KD4paMYttCwIq52M9SP7q QQrYhffWcPYf01IB2EMikznAnvXW5tIf4msVX2ArrT8d8M1WaBI= =pCY3 -----END PGP SIGNATURE-----