Debian Security Advisory
DSA-5490-1 aom -- security update
- Date Reported:
- 06 Sep 2023
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2020-36130, CVE-2020-36131, CVE-2020-36133, CVE-2020-36135, CVE-2021-30473, CVE-2021-30474, CVE-2021-30475.
- More information:
Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed.
For the oldstable distribution (bullseye), these problems have been fixed in version 1.0.0.errata1-3+deb11u1.
We recommend that you upgrade your aom packages.
For the detailed security status of aom please refer to its security tracker page at: https://security-tracker.debian.org/tracker/aom