Debian Security Advisory

DSA-5490-1 aom -- security update

Date Reported:
06 Sep 2023
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2020-36130, CVE-2020-36131, CVE-2020-36133, CVE-2020-36135, CVE-2021-30473, CVE-2021-30474, CVE-2021-30475.
More information:

Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed.

For the oldstable distribution (bullseye), these problems have been fixed in version 1.0.0.errata1-3+deb11u1.

We recommend that you upgrade your aom packages.

For the detailed security status of aom please refer to its security tracker page at: