USN-6403-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 16.04 LTS.
Original advisory details:
It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.
{ "binaries": [ { "binary_name": "libvpx-dev", "binary_version": "1.5.0-2ubuntu1.1+esm2" }, { "binary_name": "libvpx-dev-dbgsym", "binary_version": "1.5.0-2ubuntu1.1+esm2" }, { "binary_name": "libvpx-doc", "binary_version": "1.5.0-2ubuntu1.1+esm2" }, { "binary_name": "libvpx3", "binary_version": "1.5.0-2ubuntu1.1+esm2" }, { "binary_name": "libvpx3-dbg", "binary_version": "1.5.0-2ubuntu1.1+esm2" }, { "binary_name": "libvpx3-dbgsym", "binary_version": "1.5.0-2ubuntu1.1+esm2" }, { "binary_name": "vpx-tools", "binary_version": "1.5.0-2ubuntu1.1+esm2" }, { "binary_name": "vpx-tools-dbgsym", "binary_version": "1.5.0-2ubuntu1.1+esm2" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }