FEDORA-2023-f696934fbf — security update for libvpx

stable

libvpx-1.12.0-4.fc37

FEDORA-2023-f696934fbf created by ngompa a year ago for Fedora 37

Security fixes for CVE-2023-5217 and CVE-2023-44488

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2023-f696934fbf

This update has been submitted for testing by ngompa.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'failed'.

a year ago

This update's test gating status has been changed to 'passed'.

a year ago

This update has been pushed to testing.

a year ago

filiperosset commented & provided feedback a year ago

karma

no regressions noted

ngompa edited this update.

New build(s):

libvpx-1.12.0-4.fc37

Removed build(s):

libvpx-1.12.0-3.fc37

Karma has been reset.

a year ago

This update has been submitted for testing by ngompa.

a year ago

This update has been pushed to testing.

a year ago

jmakey commented & provided feedback a year ago

karma

no regressions seen

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata

Type

security

Severity

high

Karma

Signed

Content Type

RPM

Test Gating

passed

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

14 days

Dates

submitted

a year ago

in testing

a year ago

in stable

a year ago

modified

a year ago

approved

a year ago

Builds

libvpx-1.12.0-4.fc37

BZ#2241260 CVE-2023-5217 libvpx: Heap buffer overflow in vp8 encoding in libvpx [fedora-all]

BZ#2241812 CVE-2023-44488 libvpx: TRIAGE-CVE-2023-44488 libvpx: crash related to VP9 encoding [fedora-all]

libvpx-1.12.0-4.fc37

Automated Test Results

passed