openSUSE-SU-2020:0680-1

Опубликовано: 22 мая 2020

Источник: suse-cvrf

Описание

Security update for libvpx

This update for libvpx fixes the following issues:

CVE-2020-0034: Fixed an out-of-bounds read on truncated key frames (bsc#1166066).

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.1

libvpx-devel-1.6.1-lp151.5.6.1

libvpx4-1.6.1-lp151.5.6.1

libvpx4-32bit-1.6.1-lp151.5.6.1

vpx-tools-1.6.1-lp151.5.6.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TCLO6H4TMYC4OPEGZQNYZIQBWIOHFIVS/
E-Mail link for openSUSE-SU-2020:0680-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1166066
SUSE Bug 1166066
https://www.suse.com/security/cve/CVE-2020-0034/
SUSE CVE CVE-2020-0034 page

Описание

In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1Android ID: A-62458770

Затронутые продукты

openSUSE Leap 15.1:libvpx-devel-1.6.1-lp151.5.6.1

openSUSE Leap 15.1:libvpx4-1.6.1-lp151.5.6.1

openSUSE Leap 15.1:libvpx4-32bit-1.6.1-lp151.5.6.1

openSUSE Leap 15.1:vpx-tools-1.6.1-lp151.5.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-0034.html
CVE-2020-0034
https://bugzilla.suse.com/1166066
SUSE Bug 1166066

openSUSE-SU-2020:0680-1

Описание

Список пакетов

openSUSE Leap 15.1

Ссылки

Уязвимость: CVE-2020-0034

Описание

Затронутые продукты

Ссылки