FEDORA-2023-f696934fbf — security update for libvpx

stable

libvpx-1.12.0-4.fc37

FEDORA-2023-f696934fbf created by ngompa 2 years ago for Fedora 37

Security fixes for CVE-2023-5217 and CVE-2023-44488

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2023-f696934fbf

This update has been submitted for testing by ngompa.

2 years ago

This update's test gating status has been changed to 'waiting'.

2 years ago

This update's test gating status has been changed to 'failed'.

2 years ago

This update's test gating status has been changed to 'passed'.

2 years ago

This update has been pushed to testing.

2 years ago

filiperosset commented & provided feedback 2 years ago

karma

no regressions noted

ngompa edited this update.

New build(s):

libvpx-1.12.0-4.fc37

Removed build(s):

libvpx-1.12.0-3.fc37

Karma has been reset.

2 years ago

This update has been submitted for testing by ngompa.

2 years ago

This update has been pushed to testing.

2 years ago

jmakey commented & provided feedback 2 years ago

karma

no regressions seen

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please log in to add feedback.

Metadata

Type

security

Severity

high

Karma

Signed

Content Type

RPM

Test Gating

passed

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

14 days

Dates

submitted

2 years ago

in testing

2 years ago

in stable

2 years ago

modified

2 years ago

approved

2 years ago

Builds

libvpx-1.12.0-4.fc37

BZ#2241260 CVE-2023-5217 libvpx: Heap buffer overflow in vp8 encoding in libvpx [fedora-all]

BZ#2241812 CVE-2023-44488 libvpx: TRIAGE-CVE-2023-44488 libvpx: crash related to VP9 encoding [fedora-all]

libvpx-1.12.0-4.fc37

Automated Test Results

passed