Source: libvpx
Version: 1.12.0-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Control: found -1 1.15.0-2

Hi

The recent MFSAs for Firefox mention the following issue as critical:

| A double-free could have occurred in vpx_codec_enc_init_multi after a
| failed allocation when initializing the encoder for WebRTC. This could
| have caused memory corruption and a potentially exploitable crash.

Cf. https://www.mozilla.org/en-US/security/advisories/mfsa2025-44/

Fix is at:
https://chromium.googlesource.com/webm/libvpx/+/1c758781c428c0e895645b95b8ff1512b6bdcecb

Regards,
Salvatore
