==========================================================================
Ubuntu Security Notice USN-4199-2
July 15, 2020

libvpx vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in libvpx.

Software Description:
– libvpx: VP8 and VP9 video codec

Details:

USN-4199-1 fixed several vulnerabilities in libvpx. This update provides
the corresponding update for Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that libvpx did not properly handle certain malformed
WebM media files. If an application using libvpx opened a specially crafted
WebM file, a remote attacker could cause a denial of service, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
libvpx1 1.3.0-2ubuntu0.1~esm1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4199-2
https://usn.ubuntu.com/4199-1
CVE-2017-13194, CVE-2019-9232, CVE-2019-9433
—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl8POU0ACgkQRbznW4QL
H2lQgBAAmNIXlJ9JuKMOU4omrpLv9AVUHseQicEUKXxFOzhnlafw1yrnwoL1jCub
fCM0ZhOjTb4zXhAfF4n0jhoQ1hEyId5tBQJWZPMAbdI0roohW/tqFq4YwgG3APeu
GNXmjUc9FJ4tZyw4Xj6jcruA2UFqip1LsAgqtdsIKezEEC669lD6cyQZUbwr7kQz
qE/kfAer/UdBKn+IVli3g4KbhHrAojsv/onb9zftl5hsIwOl4+Z9FUKe5dzaTPwO
7ctU7nJh21MAgSM0MguhgIZ0Kz+UxQa6z2FBqwoDB2wT5ruu1upkOqB9hMGZjCbI
xG9UzauKz5ZT8+ujvZ2aa+K8DQkb0/gJkCSboDILxG11r0yQPjy7kranIg0ZCPQP
vyMJT6XQSh8HYaTlA7i1AxuNbxF/+wHg1u7z0xiU5gOgD3PlL/0POzFN/Iz+Pn8f
n/MZ+0A3MTu73LQ0JH6Q/Qk7JQueyu9FnX4DLA/20yHHqT7hq6VU3wae+PFsCzUA
JUuwAb9grA7OOKe4Nn47rgEkI3indd+ySVKC1X4YLa2Jtv3XcSMtEd9cYXO86rqT
FuDUCfhEl/nt0b6qEbE8wev9kHuLay8hoLcijLbUDj2pEz9a8zh/Gd3cWrzYtpKO
m0fDamcCIVe1ieVr9XNMmo652KTTEt3A0pNOt8T4B2o7/TOrT+I=
=BHFL
—–END PGP SIGNATURE—–
—