It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.8.2-1ubuntu0.2", "binary_name": "libvpx-dev" }, { "binary_version": "1.8.2-1ubuntu0.2", "binary_name": "libvpx-doc" }, { "binary_version": "1.8.2-1ubuntu0.2", "binary_name": "libvpx6" }, { "binary_version": "1.8.2-1ubuntu0.2", "binary_name": "libvpx6-dbgsym" }, { "binary_version": "1.8.2-1ubuntu0.2", "binary_name": "vpx-tools" }, { "binary_version": "1.8.2-1ubuntu0.2", "binary_name": "vpx-tools-dbgsym" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.11.0-2ubuntu2.2", "binary_name": "libvpx-dev" }, { "binary_version": "1.11.0-2ubuntu2.2", "binary_name": "libvpx-doc" }, { "binary_version": "1.11.0-2ubuntu2.2", "binary_name": "libvpx7" }, { "binary_version": "1.11.0-2ubuntu2.2", "binary_name": "libvpx7-dbgsym" }, { "binary_version": "1.11.0-2ubuntu2.2", "binary_name": "vpx-tools" }, { "binary_version": "1.11.0-2ubuntu2.2", "binary_name": "vpx-tools-dbgsym" } ] }