USN-6403-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "libvpx5-dbgsym": "1.7.0-3ubuntu0.18.04.1+esm1", "vpx-tools-dbgsym": "1.7.0-3ubuntu0.18.04.1+esm1", "libvpx5": "1.7.0-3ubuntu0.18.04.1+esm1", "vpx-tools": "1.7.0-3ubuntu0.18.04.1+esm1", "libvpx-doc": "1.7.0-3ubuntu0.18.04.1+esm1", "libvpx-dev": "1.7.0-3ubuntu0.18.04.1+esm1" } ] }