-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6143-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 19, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : libvpx CVE ID : CVE-2026-2447 A buffer overflow was discovered in libvpx, a library implementing the VP8/VP9 open video codecs, which could result in denial of service or potentially the execution of arbitrary code. For the oldstable distribution (bookworm), these problems have been fixed in version 1.12.0-1+deb12u5. For the stable distribution (trixie), these problems have been fixed in version 1.15.0-2.1+deb13u1. We recommend that you upgrade your libvpx packages. For the detailed security status of libvpx please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libvpx Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmmXb9wACgkQEMKTtsN8 TjYk0g/9EdwV6vH4viZFs9EIgCCoAzwyY87wXSZzzJwZuFsp6NXAfB1qD6QvaKTT ZZSByb4THzELKpRnS884CixAshidC1rUgd+RAzvsTtT8z7690kdXiqChs6M0EKv8 jSKhVnWvGUjRVeuHTtx42MgUBttdDNnkLUNhHQdnNvrmiC8ur6zyI37StSPoW30B WI5pbECzAHACFHWLCp1Ejb+wYksLv8DobPR2bZW78aiFP6nzMG9uhr8lkHHpOitX rWhinwC7aBnpV1xXpsVr3H/1UTEUcfmQL85y25ON0v89bT/yhNc6K6u83G+T0EWV qtwhLOU9B/ad3ydY1+kAJkiCd4gSKTVDG7qAYmwZDKfJg3cHoiVFMoajW/N/gIay YSVF+tgQnm0xZklG/pRyoBLiu47tqryVuehutFdkVg2dOiiIVs3x1D2Ejah9mehr BTXb9U95jVjn65NFcFoCPaW/XJV743tFcXftfnx7xEsseE+b8mt6N1GvC6uiMyNK iiPaiQEaGRPH3BBLeDs9H39kK6SO7lRN7ndL0dyCbuWhH75D1DzhhH9o9JaAXGHI pV/xKiG/aox53ZDzxGCnFxzlNQzEqz6wrtYP5wZCxPmegExgxQiDcnW9xN2dbbMI CdhJ1VZ4TCBQ/tPNLzaiXEPiuNQr9Xyb0hH4ipZKBPZycDbOcm4= =ssk8 -----END PGP SIGNATURE-----
