complete changelog

OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/libvpx?expand=0&rev=109
2020-01-10 13:46:33 +00:00 · 2020-01-10 13:46:33 +00:00 · da0de52e24
commit da0de52e24
parent 1c85cb5d8f
1 changed files with 8 additions and 1 deletions
--- a/libvpx.changes
+++ b/libvpx.changes
@ -1,7 +1,14 @@
 -------------------------------------------------------------------
 Fri Jan 10 10:35:38 UTC 2020 - Adrian Schröter <adrian@suse.de>

- Update to version 1.8.1:
+- Update to version 1.8.2:
+  Fixes:
+   - CVE-2019-2126 bsc#1160611: double free in ParseContentEncodingEntry()
+   - CVE-2019-9325 bsc#1160612: out-of-bounds read
+   - CVE-2019-9232 bsc#1160613: Fix OOB memory access on fuzzed data
+   - CVE-2019-9433 bsc#1160614: use-after-free in vp8_deblock()
+   - CVE-2019-9371 bsc#1160615: resource exhaustion after memory leak
+
  official changelog:
  * This release collects incremental improvements to many aspects of the library.
  * Upgrading: