Amazon Linux 2023 Security Advisory: ALAS2023-2023-413
Advisory Released Date: 2023-11-03
Advisory Updated Date: 2023-11-03
Severity:
Medium
Issue Overview:
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. (CVE-2023-44488)
Affected Packages:
libvpx
Issue Correction:
Run dnf update libvpx --releasever 2023.2.20231030 to update your system.
New Packages:
aarch64:
libvpx-debuginfo-1.11.0-1.amzn2023.0.3.aarch64
libvpx-1.11.0-1.amzn2023.0.3.aarch64
libvpx-utils-debuginfo-1.11.0-1.amzn2023.0.3.aarch64
libvpx-utils-1.11.0-1.amzn2023.0.3.aarch64
libvpx-devel-1.11.0-1.amzn2023.0.3.aarch64
libvpx-debugsource-1.11.0-1.amzn2023.0.3.aarch64
src:
libvpx-1.11.0-1.amzn2023.0.3.src
x86_64:
libvpx-debuginfo-1.11.0-1.amzn2023.0.3.x86_64
libvpx-utils-debuginfo-1.11.0-1.amzn2023.0.3.x86_64
libvpx-1.11.0-1.amzn2023.0.3.x86_64
libvpx-utils-1.11.0-1.amzn2023.0.3.x86_64
libvpx-devel-1.11.0-1.amzn2023.0.3.x86_64
libvpx-debugsource-1.11.0-1.amzn2023.0.3.x86_64