A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_name": "libvpx-dev", "binary_version": "1.5.0-2ubuntu1.1+esm2" }, { "binary_name": "libvpx3", "binary_version": "1.5.0-2ubuntu1.1+esm2" }, { "binary_name": "vpx-tools", "binary_version": "1.5.0-2ubuntu1.1+esm2" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_name": "libvpx-dev", "binary_version": "1.7.0-3ubuntu0.18.04.1+esm1" }, { "binary_name": "libvpx5", "binary_version": "1.7.0-3ubuntu0.18.04.1+esm1" }, { "binary_name": "vpx-tools", "binary_version": "1.7.0-3ubuntu0.18.04.1+esm1" } ] }