Bug#871931: libvpx: CVE-2017-0641
Salvatore Bonaccorso
carnil at debian.org
Sat Aug 12 16:59:38 UTC 2017
Source: libvpx
Version: 1.6.1-3
Severity: important
Tags: security upstream
Hi,
the following vulnerability was published for libvpx.
CVE-2017-0641[0]:
| A remote denial of service vulnerability in libvpx in Mediaserver
| could enable an attacker to use a specially crafted file to cause a
| device hang or reboot. This issue is rated as High severity due to the
| possibility of remote denial of service. Product: Android. Versions:
| 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID:
| A-34360591.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-0641
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0641
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the pkg-multimedia-maintainers
mailing list