Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:5537: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-5217: A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library.
  • CVE-2023-44488: A heap-based buffer overflow flaw was found in libvpx, a library used to process VP9 video codecs data. This issue occurs when processing certain specially formatted video data via a crafted HTML page, allowing an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library.
Red Hat Security Data
#vulnerability#web#linux#red_hat#buffer_overflow#ibm#sap

Synopsis

Important: libvpx security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libvpx is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format.

Security Fix(es):

  • libvpx: Heap buffer overflow in vp8 encoding in libvpx (CVE-2023-5217)
  • libvpx: crash related to VP9 encoding in libvpx (CVE-2023-44488)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, all applications using libvpx must be restarted for the changes to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8 aarch64

Fixes

  • BZ - 2241191 - CVE-2023-5217 libvpx: Heap buffer overflow in vp8 encoding in libvpx
  • BZ - 2241806 - CVE-2023-44488 libvpx: crash related to VP9 encoding in libvpx

Red Hat Enterprise Linux for x86_64 8

SRPM

libvpx-1.7.0-10.el8_8.src.rpm

SHA-256: d1a621f90ded1d137688a1d1aa1ae326acbb4b57b936189714848d5c280996dc

x86_64

libvpx-1.7.0-10.el8_8.i686.rpm

SHA-256: b76085982736a8be52745ed2de66f7af90eebd4e1928dfb5bf698d1c0f34c135

libvpx-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 9b46aae3b09be1aac082b29a7aefe1f6cc2f144508b18e4524b77d983c51f03c

libvpx-debuginfo-1.7.0-10.el8_8.i686.rpm

SHA-256: 5f2697d8bfa54e1da0b674a4fe42799d5975fa773299802d7e3b7cdecbb4f582

libvpx-debuginfo-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 1c23a03af9ac72f7949e9e6a341219d2a290c0f1a9a503df866d42b8fb3e2361

libvpx-debugsource-1.7.0-10.el8_8.i686.rpm

SHA-256: a5d6d72425f104ae97b8eab76fa80e0beb7de0af2fb957c7d21000cc5da6c2fe

libvpx-debugsource-1.7.0-10.el8_8.x86_64.rpm

SHA-256: d4489cbe319baeb35b7b7f62d4a749be1817059217fc91726a5c4f10d744c72a

libvpx-utils-debuginfo-1.7.0-10.el8_8.i686.rpm

SHA-256: 47e4efb26c98bfb79fa3ee704c9f1a71ea4edd974ba977b3c593bb23fccb5a40

libvpx-utils-debuginfo-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 4dfbb66bc7868bc8f197654cc3ad7737cf642d3cea7479adf0c8746fe2eb30a0

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM

libvpx-1.7.0-10.el8_8.src.rpm

SHA-256: d1a621f90ded1d137688a1d1aa1ae326acbb4b57b936189714848d5c280996dc

x86_64

libvpx-1.7.0-10.el8_8.i686.rpm

SHA-256: b76085982736a8be52745ed2de66f7af90eebd4e1928dfb5bf698d1c0f34c135

libvpx-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 9b46aae3b09be1aac082b29a7aefe1f6cc2f144508b18e4524b77d983c51f03c

libvpx-debuginfo-1.7.0-10.el8_8.i686.rpm

SHA-256: 5f2697d8bfa54e1da0b674a4fe42799d5975fa773299802d7e3b7cdecbb4f582

libvpx-debuginfo-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 1c23a03af9ac72f7949e9e6a341219d2a290c0f1a9a503df866d42b8fb3e2361

libvpx-debugsource-1.7.0-10.el8_8.i686.rpm

SHA-256: a5d6d72425f104ae97b8eab76fa80e0beb7de0af2fb957c7d21000cc5da6c2fe

libvpx-debugsource-1.7.0-10.el8_8.x86_64.rpm

SHA-256: d4489cbe319baeb35b7b7f62d4a749be1817059217fc91726a5c4f10d744c72a

libvpx-utils-debuginfo-1.7.0-10.el8_8.i686.rpm

SHA-256: 47e4efb26c98bfb79fa3ee704c9f1a71ea4edd974ba977b3c593bb23fccb5a40

libvpx-utils-debuginfo-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 4dfbb66bc7868bc8f197654cc3ad7737cf642d3cea7479adf0c8746fe2eb30a0

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

libvpx-1.7.0-10.el8_8.src.rpm

SHA-256: d1a621f90ded1d137688a1d1aa1ae326acbb4b57b936189714848d5c280996dc

s390x

libvpx-1.7.0-10.el8_8.s390x.rpm

SHA-256: a43ab67b3761fa62ca96709cc7166b1796b1d744948a48b3bcb22e9fc3f30d3a

libvpx-debuginfo-1.7.0-10.el8_8.s390x.rpm

SHA-256: 81682d61f4072f89b0767f09cfae1d2fd992a2e6d4913d7bce7ba90d7aa2b700

libvpx-debugsource-1.7.0-10.el8_8.s390x.rpm

SHA-256: ac31bb1257b9b5a65d3238494ebad4629eb3e1e5d9a74bc7c21956130c7b63dc

libvpx-utils-debuginfo-1.7.0-10.el8_8.s390x.rpm

SHA-256: 98d65a99e87aba822b00f5d1c9f8f4ab0d5fddab711f2440241dd55dd506f696

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8

SRPM

libvpx-1.7.0-10.el8_8.src.rpm

SHA-256: d1a621f90ded1d137688a1d1aa1ae326acbb4b57b936189714848d5c280996dc

s390x

libvpx-1.7.0-10.el8_8.s390x.rpm

SHA-256: a43ab67b3761fa62ca96709cc7166b1796b1d744948a48b3bcb22e9fc3f30d3a

libvpx-debuginfo-1.7.0-10.el8_8.s390x.rpm

SHA-256: 81682d61f4072f89b0767f09cfae1d2fd992a2e6d4913d7bce7ba90d7aa2b700

libvpx-debugsource-1.7.0-10.el8_8.s390x.rpm

SHA-256: ac31bb1257b9b5a65d3238494ebad4629eb3e1e5d9a74bc7c21956130c7b63dc

libvpx-utils-debuginfo-1.7.0-10.el8_8.s390x.rpm

SHA-256: 98d65a99e87aba822b00f5d1c9f8f4ab0d5fddab711f2440241dd55dd506f696

Red Hat Enterprise Linux for Power, little endian 8

SRPM

libvpx-1.7.0-10.el8_8.src.rpm

SHA-256: d1a621f90ded1d137688a1d1aa1ae326acbb4b57b936189714848d5c280996dc

ppc64le

libvpx-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 5c2d58a54fff6c1400b9db01bc0e2bef34a19fb684683728ab3aa47c284f3d9a

libvpx-debuginfo-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 8c4c7e768784dc1e8be18b3ea68af6ad1902351ba80be1f684e58f37577ecd0e

libvpx-debugsource-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: c686a3b4d653cb119a2aa8fe1cb04867ad85b4cef9fe3769e771b7090b94f6df

libvpx-utils-debuginfo-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 29351d3c0da7b1e39f9a5a2a1ccb86b6b654c8f6f2788ae359c427eb2dbc8ea3

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM

libvpx-1.7.0-10.el8_8.src.rpm

SHA-256: d1a621f90ded1d137688a1d1aa1ae326acbb4b57b936189714848d5c280996dc

ppc64le

libvpx-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 5c2d58a54fff6c1400b9db01bc0e2bef34a19fb684683728ab3aa47c284f3d9a

libvpx-debuginfo-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 8c4c7e768784dc1e8be18b3ea68af6ad1902351ba80be1f684e58f37577ecd0e

libvpx-debugsource-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: c686a3b4d653cb119a2aa8fe1cb04867ad85b4cef9fe3769e771b7090b94f6df

libvpx-utils-debuginfo-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 29351d3c0da7b1e39f9a5a2a1ccb86b6b654c8f6f2788ae359c427eb2dbc8ea3

Red Hat Enterprise Linux Server - TUS 8.8

SRPM

libvpx-1.7.0-10.el8_8.src.rpm

SHA-256: d1a621f90ded1d137688a1d1aa1ae326acbb4b57b936189714848d5c280996dc

x86_64

libvpx-1.7.0-10.el8_8.i686.rpm

SHA-256: b76085982736a8be52745ed2de66f7af90eebd4e1928dfb5bf698d1c0f34c135

libvpx-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 9b46aae3b09be1aac082b29a7aefe1f6cc2f144508b18e4524b77d983c51f03c

libvpx-debuginfo-1.7.0-10.el8_8.i686.rpm

SHA-256: 5f2697d8bfa54e1da0b674a4fe42799d5975fa773299802d7e3b7cdecbb4f582

libvpx-debuginfo-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 1c23a03af9ac72f7949e9e6a341219d2a290c0f1a9a503df866d42b8fb3e2361

libvpx-debugsource-1.7.0-10.el8_8.i686.rpm

SHA-256: a5d6d72425f104ae97b8eab76fa80e0beb7de0af2fb957c7d21000cc5da6c2fe

libvpx-debugsource-1.7.0-10.el8_8.x86_64.rpm

SHA-256: d4489cbe319baeb35b7b7f62d4a749be1817059217fc91726a5c4f10d744c72a

libvpx-utils-debuginfo-1.7.0-10.el8_8.i686.rpm

SHA-256: 47e4efb26c98bfb79fa3ee704c9f1a71ea4edd974ba977b3c593bb23fccb5a40

libvpx-utils-debuginfo-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 4dfbb66bc7868bc8f197654cc3ad7737cf642d3cea7479adf0c8746fe2eb30a0

Red Hat Enterprise Linux for ARM 64 8

SRPM

libvpx-1.7.0-10.el8_8.src.rpm

SHA-256: d1a621f90ded1d137688a1d1aa1ae326acbb4b57b936189714848d5c280996dc

aarch64

libvpx-1.7.0-10.el8_8.aarch64.rpm

SHA-256: b8e57d50fa03c321fb5f578dd0aa23b2e5f10fc32b9551caa2c18de602810b4f

libvpx-debuginfo-1.7.0-10.el8_8.aarch64.rpm

SHA-256: c089acfd6a054393af1b8f04d089dbc2662fb866f6011ed8ecfe541c4f249629

libvpx-debugsource-1.7.0-10.el8_8.aarch64.rpm

SHA-256: dac0d506d6ea0b20063626e9c11aaee6f3764eeac2ec7a9b8cb98d6acb4f09ff

libvpx-utils-debuginfo-1.7.0-10.el8_8.aarch64.rpm

SHA-256: 9fe0fb741ed7342102941aafa67b65376b8805a56ae9adec17ff71bfd7e39d44

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8

SRPM

libvpx-1.7.0-10.el8_8.src.rpm

SHA-256: d1a621f90ded1d137688a1d1aa1ae326acbb4b57b936189714848d5c280996dc

aarch64

libvpx-1.7.0-10.el8_8.aarch64.rpm

SHA-256: b8e57d50fa03c321fb5f578dd0aa23b2e5f10fc32b9551caa2c18de602810b4f

libvpx-debuginfo-1.7.0-10.el8_8.aarch64.rpm

SHA-256: c089acfd6a054393af1b8f04d089dbc2662fb866f6011ed8ecfe541c4f249629

libvpx-debugsource-1.7.0-10.el8_8.aarch64.rpm

SHA-256: dac0d506d6ea0b20063626e9c11aaee6f3764eeac2ec7a9b8cb98d6acb4f09ff

libvpx-utils-debuginfo-1.7.0-10.el8_8.aarch64.rpm

SHA-256: 9fe0fb741ed7342102941aafa67b65376b8805a56ae9adec17ff71bfd7e39d44

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM

libvpx-1.7.0-10.el8_8.src.rpm

SHA-256: d1a621f90ded1d137688a1d1aa1ae326acbb4b57b936189714848d5c280996dc

ppc64le

libvpx-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 5c2d58a54fff6c1400b9db01bc0e2bef34a19fb684683728ab3aa47c284f3d9a

libvpx-debuginfo-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 8c4c7e768784dc1e8be18b3ea68af6ad1902351ba80be1f684e58f37577ecd0e

libvpx-debugsource-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: c686a3b4d653cb119a2aa8fe1cb04867ad85b4cef9fe3769e771b7090b94f6df

libvpx-utils-debuginfo-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 29351d3c0da7b1e39f9a5a2a1ccb86b6b654c8f6f2788ae359c427eb2dbc8ea3

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM

libvpx-1.7.0-10.el8_8.src.rpm

SHA-256: d1a621f90ded1d137688a1d1aa1ae326acbb4b57b936189714848d5c280996dc

x86_64

libvpx-1.7.0-10.el8_8.i686.rpm

SHA-256: b76085982736a8be52745ed2de66f7af90eebd4e1928dfb5bf698d1c0f34c135

libvpx-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 9b46aae3b09be1aac082b29a7aefe1f6cc2f144508b18e4524b77d983c51f03c

libvpx-debuginfo-1.7.0-10.el8_8.i686.rpm

SHA-256: 5f2697d8bfa54e1da0b674a4fe42799d5975fa773299802d7e3b7cdecbb4f582

libvpx-debuginfo-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 1c23a03af9ac72f7949e9e6a341219d2a290c0f1a9a503df866d42b8fb3e2361

libvpx-debugsource-1.7.0-10.el8_8.i686.rpm

SHA-256: a5d6d72425f104ae97b8eab76fa80e0beb7de0af2fb957c7d21000cc5da6c2fe

libvpx-debugsource-1.7.0-10.el8_8.x86_64.rpm

SHA-256: d4489cbe319baeb35b7b7f62d4a749be1817059217fc91726a5c4f10d744c72a

libvpx-utils-debuginfo-1.7.0-10.el8_8.i686.rpm

SHA-256: 47e4efb26c98bfb79fa3ee704c9f1a71ea4edd974ba977b3c593bb23fccb5a40

libvpx-utils-debuginfo-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 4dfbb66bc7868bc8f197654cc3ad7737cf642d3cea7479adf0c8746fe2eb30a0

Red Hat CodeReady Linux Builder for x86_64 8

SRPM

x86_64

libvpx-debuginfo-1.7.0-10.el8_8.i686.rpm

SHA-256: 5f2697d8bfa54e1da0b674a4fe42799d5975fa773299802d7e3b7cdecbb4f582

libvpx-debuginfo-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 1c23a03af9ac72f7949e9e6a341219d2a290c0f1a9a503df866d42b8fb3e2361

libvpx-debugsource-1.7.0-10.el8_8.i686.rpm

SHA-256: a5d6d72425f104ae97b8eab76fa80e0beb7de0af2fb957c7d21000cc5da6c2fe

libvpx-debugsource-1.7.0-10.el8_8.x86_64.rpm

SHA-256: d4489cbe319baeb35b7b7f62d4a749be1817059217fc91726a5c4f10d744c72a

libvpx-devel-1.7.0-10.el8_8.i686.rpm

SHA-256: 9518378ab7c00f3fd7dce516c1b570b4d953757908d48ab13e719ec8a13fa71b

libvpx-devel-1.7.0-10.el8_8.x86_64.rpm

SHA-256: ad53f2c0ec0c13ba696123256402255c37fa57651aae318226b01b1cf77bbaaa

libvpx-utils-debuginfo-1.7.0-10.el8_8.i686.rpm

SHA-256: 47e4efb26c98bfb79fa3ee704c9f1a71ea4edd974ba977b3c593bb23fccb5a40

libvpx-utils-debuginfo-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 4dfbb66bc7868bc8f197654cc3ad7737cf642d3cea7479adf0c8746fe2eb30a0

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM

ppc64le

libvpx-debuginfo-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 8c4c7e768784dc1e8be18b3ea68af6ad1902351ba80be1f684e58f37577ecd0e

libvpx-debugsource-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: c686a3b4d653cb119a2aa8fe1cb04867ad85b4cef9fe3769e771b7090b94f6df

libvpx-devel-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 97be0c658ef34a1875cee9a49516b224bfa6bf6e5333f0427666db3512809ae5

libvpx-utils-debuginfo-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 29351d3c0da7b1e39f9a5a2a1ccb86b6b654c8f6f2788ae359c427eb2dbc8ea3

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM

aarch64

libvpx-debuginfo-1.7.0-10.el8_8.aarch64.rpm

SHA-256: c089acfd6a054393af1b8f04d089dbc2662fb866f6011ed8ecfe541c4f249629

libvpx-debugsource-1.7.0-10.el8_8.aarch64.rpm

SHA-256: dac0d506d6ea0b20063626e9c11aaee6f3764eeac2ec7a9b8cb98d6acb4f09ff

libvpx-devel-1.7.0-10.el8_8.aarch64.rpm

SHA-256: 6bf4f7acf47e80300edf950bb22155d3078694e9d24eeb71446b8616ca889ebf

libvpx-utils-debuginfo-1.7.0-10.el8_8.aarch64.rpm

SHA-256: 9fe0fb741ed7342102941aafa67b65376b8805a56ae9adec17ff71bfd7e39d44

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM

s390x

libvpx-debuginfo-1.7.0-10.el8_8.s390x.rpm

SHA-256: 81682d61f4072f89b0767f09cfae1d2fd992a2e6d4913d7bce7ba90d7aa2b700

libvpx-debugsource-1.7.0-10.el8_8.s390x.rpm

SHA-256: ac31bb1257b9b5a65d3238494ebad4629eb3e1e5d9a74bc7c21956130c7b63dc

libvpx-devel-1.7.0-10.el8_8.s390x.rpm

SHA-256: 80036c30957ed44db25d25801a047272c3ecd702707d85cc9e3c635b81d887e7

libvpx-utils-debuginfo-1.7.0-10.el8_8.s390x.rpm

SHA-256: 98d65a99e87aba822b00f5d1c9f8f4ab0d5fddab711f2440241dd55dd506f696

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8

SRPM

x86_64

libvpx-debuginfo-1.7.0-10.el8_8.i686.rpm

SHA-256: 5f2697d8bfa54e1da0b674a4fe42799d5975fa773299802d7e3b7cdecbb4f582

libvpx-debuginfo-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 1c23a03af9ac72f7949e9e6a341219d2a290c0f1a9a503df866d42b8fb3e2361

libvpx-debugsource-1.7.0-10.el8_8.i686.rpm

SHA-256: a5d6d72425f104ae97b8eab76fa80e0beb7de0af2fb957c7d21000cc5da6c2fe

libvpx-debugsource-1.7.0-10.el8_8.x86_64.rpm

SHA-256: d4489cbe319baeb35b7b7f62d4a749be1817059217fc91726a5c4f10d744c72a

libvpx-devel-1.7.0-10.el8_8.i686.rpm

SHA-256: 9518378ab7c00f3fd7dce516c1b570b4d953757908d48ab13e719ec8a13fa71b

libvpx-devel-1.7.0-10.el8_8.x86_64.rpm

SHA-256: ad53f2c0ec0c13ba696123256402255c37fa57651aae318226b01b1cf77bbaaa

libvpx-utils-debuginfo-1.7.0-10.el8_8.i686.rpm

SHA-256: 47e4efb26c98bfb79fa3ee704c9f1a71ea4edd974ba977b3c593bb23fccb5a40

libvpx-utils-debuginfo-1.7.0-10.el8_8.x86_64.rpm

SHA-256: 4dfbb66bc7868bc8f197654cc3ad7737cf642d3cea7479adf0c8746fe2eb30a0

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8

SRPM

ppc64le

libvpx-debuginfo-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 8c4c7e768784dc1e8be18b3ea68af6ad1902351ba80be1f684e58f37577ecd0e

libvpx-debugsource-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: c686a3b4d653cb119a2aa8fe1cb04867ad85b4cef9fe3769e771b7090b94f6df

libvpx-devel-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 97be0c658ef34a1875cee9a49516b224bfa6bf6e5333f0427666db3512809ae5

libvpx-utils-debuginfo-1.7.0-10.el8_8.ppc64le.rpm

SHA-256: 29351d3c0da7b1e39f9a5a2a1ccb86b6b654c8f6f2788ae359c427eb2dbc8ea3

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8

SRPM

s390x

libvpx-debuginfo-1.7.0-10.el8_8.s390x.rpm

SHA-256: 81682d61f4072f89b0767f09cfae1d2fd992a2e6d4913d7bce7ba90d7aa2b700

libvpx-debugsource-1.7.0-10.el8_8.s390x.rpm

SHA-256: ac31bb1257b9b5a65d3238494ebad4629eb3e1e5d9a74bc7c21956130c7b63dc

libvpx-devel-1.7.0-10.el8_8.s390x.rpm

SHA-256: 80036c30957ed44db25d25801a047272c3ecd702707d85cc9e3c635b81d887e7

libvpx-utils-debuginfo-1.7.0-10.el8_8.s390x.rpm

SHA-256: 98d65a99e87aba822b00f5d1c9f8f4ab0d5fddab711f2440241dd55dd506f696

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8

SRPM

aarch64

libvpx-debuginfo-1.7.0-10.el8_8.aarch64.rpm

SHA-256: c089acfd6a054393af1b8f04d089dbc2662fb866f6011ed8ecfe541c4f249629

libvpx-debugsource-1.7.0-10.el8_8.aarch64.rpm

SHA-256: dac0d506d6ea0b20063626e9c11aaee6f3764eeac2ec7a9b8cb98d6acb4f09ff

libvpx-devel-1.7.0-10.el8_8.aarch64.rpm

SHA-256: 6bf4f7acf47e80300edf950bb22155d3078694e9d24eeb71446b8616ca889ebf

libvpx-utils-debuginfo-1.7.0-10.el8_8.aarch64.rpm

SHA-256: 9fe0fb741ed7342102941aafa67b65376b8805a56ae9adec17ff71bfd7e39d44

Related news

Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse

A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses. The initiative, dubbed the Pall Mall Process, aims to tackle the proliferation and irresponsible use of commercial cyber intrusion tools by

Ubuntu Security Notice USN-6403-3

Ubuntu Security Notice 6403-3 - USN-6403-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 16.04 LTS. It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2023-6198-01

Red Hat Security Advisory 2023-6198-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Issues addressed include a spoofing vulnerability.

Red Hat Security Advisory 2023-6197-01

Red Hat Security Advisory 2023-6197-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a spoofing vulnerability.

Red Hat Security Advisory 2023-6196-01

Red Hat Security Advisory 2023-6196-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a spoofing vulnerability.

Red Hat Security Advisory 2023-6192-01

Red Hat Security Advisory 2023-6192-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Security Advisory 2023-6190-01

Red Hat Security Advisory 2023-6190-01 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Ubuntu Security Notice USN-6403-2

Ubuntu Security Notice 6403-2 - USN-6403-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 18.04 LTS. It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2023-5538-01

Red Hat Security Advisory 2023-5538-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2023-5539-01

Red Hat Security Advisory 2023-5539-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2023-5534-01

Red Hat Security Advisory 2023-5534-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2023-5537-01

Red Hat Security Advisory 2023-5537-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2023-5536-01

Red Hat Security Advisory 2023-5536-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.

RHSA-2023:5538: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-5217: A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compile...

RHSA-2023:5534: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-5217: A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML pag...

RHSA-2023:5535: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-5217: A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that ...

RHSA-2023:5536: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-5217: A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a...

RHSA-2023:5540: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-5217: A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compile...

Red Hat Security Advisory 2023-5475-01

Red Hat Security Advisory 2023-5475-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.3.1. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

Debian Security Advisory 5518-1

Debian Linux Security Advisory 5518-1 - It was discovered that missing input sanitising in the encoding support in libvpx, a multimedia library for the VP8 and VP9 video codecs, may result in denial of service.

Red Hat Security Advisory 2023-5438-01

Red Hat Security Advisory 2023-5438-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.3.1. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-5426-01

Red Hat Security Advisory 2023-5426-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.3.1 ESR. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-5430-01

Red Hat Security Advisory 2023-5430-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.3.1. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

Update now! Apple patches vulnerabilities on iPhone and iPad

Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: iOS Tags: iPad Tags: 17.0.3 Tags: CVE-2023-42824 Tags: CVE-2023-5217 Apple has issued an emergency update to patch two vulnerabilities, including an actively exploited one. (Read more...) The post Update now! Apple patches vulnerabilities on iPhone and iPad appeared first on Malwarebytes Labs.

Apple Rolls Out Security Patches for Actively Exploited iOS Zero-Day Flaw

Apple on Wednesday rolled out security patches to address a new zero-day flaw in iOS and iPadOS that it said has come under active exploitation in the wild. Tracked as CVE-2023-42824, the kernel vulnerability could be abused by a local attacker to elevate their privileges. The iPhone maker said it addressed the problem with improved checks. "Apple is aware of a report that this issue may have

Gentoo Linux Security Advisory 202310-04

Gentoo Linux Security Advisory 202310-4 - Multiple vulnerabilities have been discovered in libvpx, the worst of which could result in arbitrary code execution. Versions greater than or equal to 1.13.1 are affected.

RHSA-2023:5438: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3600: The Mozilla Foundation Security Advisory describes this flaw as: During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. * CVE-2023-5169: A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as:...

RHSA-2023:5440: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3600: The Mozilla Foundation Security Advisory describes this flaw as: During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. * CVE-2023-5169: A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: A c...

Ubuntu Security Notice USN-6403-1

Ubuntu Security Notice 6403-1 - It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.

CVE-2023-44488: Comparing v1.13.0...v1.13.1 · webmproject/libvpx

VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.

Apple, Microsoft, and Google Just Fixed Multiple Zero-Day Flaws

Plus: Mozilla patches 10 Firefox bugs, Cisco fixes a vulnerability with a rare maximum severity score, and SAP releases updates to stamp out three highly critical flaws.

Critical Chrome Update Counters Spyware Vendor’s Exploits

By Waqas Ensure Your Chrome Browser Is Up to Date and Secure: Enable Automatic Updates to Safeguard Against Cybersecurity Threats This is a post from HackRead.com Read the original post: Critical Chrome Update Counters Spyware Vendor’s Exploits