[Git][security-tracker-team/security-tracker][master] 2 commits: Add new libvpx issue

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c809b7b5 by Salvatore Bonaccorso at 2025-05-27T23:05:36+02:00
Add new libvpx issue

- - - - -
7c6a8f8e by Salvatore Bonaccorso at 2025-05-27T23:05:36+02:00
Add libvpx to dsa-needed list

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,6 @@
+CVE-2025-XXXX [double-free in vpx_codec_enc_init_multi]
+	- libvpx <unfixed> (bug #1106689)
+	NOTE: Fixed by: https://chromium.googlesource.com/webm/libvpx/+/1c758781c428c0e895645b95b8ff1512b6bdcecb
 CVE-2025-5252 (A vulnerability was found in PHPGurukul News Portal Project 4.1. It ha ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-5251 (A vulnerability was found in PHPGurukul News Portal Project 4.1. It ha ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -29,6 +29,8 @@ jpeg-xl
 libavif (carnil)
   NMU done in unstable/trixie
 --
+libvpx (carnil)
+--
 libreswan
   Waiting on feedback from maintainer
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/68321a6a5c86aa8026fe96ba14ba14339c07660e...7c6a8f8ef4b3f0c9a1bc32e9186f2dcbfe08bd7b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/68321a6a5c86aa8026fe96ba14ba14339c07660e...7c6a8f8ef4b3f0c9a1bc32e9186f2dcbfe08bd7b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250527/8f31cbaf/attachment.htm>