Synopsis: Moderate: libvpx security update Advisory ID: SLSA-2020:3876-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2019-9433 CVE-2019-9232 CVE-2020-0034 CVE-2017-0393 -- Security Fix(es): * libvpx: Denial of service in mediaserver (CVE-2017-0393) * libvpx: Out of bounds read in vp8_norm table (CVE-2019-9232) * libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c (CVE-2019-9433) * libvpx: Out of bounds read in vp8_decode_frame in decodeframe.c (CVE-2020-0034) -- SL7 x86_64 libvpx-1.3.0-8.el7.x86_64.rpm libvpx-1.3.0-8.el7.i686.rpm libvpx-debuginfo-1.3.0-8.el7.i686.rpm libvpx-debuginfo-1.3.0-8.el7.x86_64.rpm libvpx-devel-1.3.0-8.el7.i686.rpm libvpx-devel-1.3.0-8.el7.x86_64.rpm libvpx-utils-1.3.0-8.el7.x86_64.rpm - Scientific Linux Development Team