libvpx (1.11.0-2ubuntu2.4) jammy-security; urgency=medium
* SECURITY UPDATE: use-after-free vulnerability
- debian/patches/CVE-2025-5283.patch: fix double free on init failure.
- CVE-2025-5283
-- Fabian Toepfer <fabian.toepfer@canonical.com> Mon, 02 Jun 2025 16:59:08 +0200
libvpx (1.11.0-2ubuntu2.3) jammy-security; urgency=medium
* SECURITY UPDATE: multiple integer overflows
- debian/patches/CVE-2024-5197-pre1.patch: add test/vpx_image_test.cc.
- debian/patches/CVE-2024-5197-1.patch: fix integer overflows in calc
of stride_in_bytes in test/vpx_image_test.cc, vpx/src/vpx_image.c.
- debian/patches/CVE-2024-5197-2.patch: avoid integer overflows in
arithmetic operations in test/vpx_image_test.cc, vpx/src/vpx_image.c,
vpx/vpx_image.h.
- debian/patches/CVE-2024-5197-3.patch: fix a bug in alloc_size for
high bit depths in vpx/src/vpx_image.c.
- CVE-2024-5197
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 05 Jun 2024 10:04:53 -0400
libvpx (1.11.0-2ubuntu2.2) jammy-security; urgency=medium
* SECURITY UPDATE: Heap buffer overflow in vp8 encoding
- debian/patches/CVE-2023-5217.patch: disallow thread count changes
in vp8/encoder/onyx_if.c.
- CVE-2023-5217
* SECURITY UPDATE: Width mishandling in vp9 encoding
- debian/patches/CVE-2023-44488.patch: fix bug with smaller width
bigger size in test/resize_test.cc, vp9/common/vp9_alloccommon.c,
vp9/encoder/vp9_encoder.c.
- CVE-2023-44488
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 02 Oct 2023 06:43:10 -0400
libvpx (1.11.0-2ubuntu2) jammy; urgency=high
* No change rebuild for ppc64el baseline bump.
-- Julian Andres Klode <juliank@ubuntu.com> Thu, 24 Mar 2022 17:21:29 +0100
libvpx (1.11.0-2ubuntu1) jammy; urgency=medium
* Merge with Debian, reamining Ubuntu changes:
* debian/rules:
- Disable LTO and fix FTBFS when building with GCC 11.
-- Robert Ancell <robert.ancell@canonical.com> Wed, 17 Nov 2021 10:11:05 +1300
libvpx (1.11.0-2) unstable; urgency=medium
* Team upload
* Upload to unstable
-- Sebastian Ramacher <sramacher@debian.org> Sun, 24 Oct 2021 17:08:21 +0200
libvpx (1.11.0-1) experimental; urgency=medium
* Team upload
[ Jakub Adam ]
* Enable VP9 high bit depth (10/12) profiles.
[ Sebastian Ramacher ]
* New upstream version 1.11.0
* SONAME bump: libvpx6 -> libvpx7
* debian/control: Remove incorrect MA: foreign from vpx-tools
-- Sebastian Ramacher <sramacher@debian.org> Sun, 10 Oct 2021 22:18:17 +0200
libvpx (1.10.0-2) unstable; urgency=medium
* debian/: Relax ABI version check and bump minimum version for init
functions
-- Sebastian Ramacher <sramacher@debian.org> Tue, 31 Aug 2021 08:59:02 +0200
libvpx (1.10.0-1) unstable; urgency=medium
* Team upload
[ Debian Janitor ]
* Set upstream metadata fields: Repository, Repository-Browse.
* Remove constraints unnecessary since buster
[ Sebastian Ramacher ]
* New upstream release
* debian/control:
- Bump Standards-Version
- Drop obsolete Pre-Depends
* debian/rules: Do not install README and AUTHORS
-- Sebastian Ramacher <sramacher@debian.org> Tue, 24 Aug 2021 22:56:11 +0200
libvpx (1.9.0-1ubuntu1) impish; urgency=medium
* d/rules: Disable LTO and fix FTBFS when building with GCC 11.
(LP: #1939640)
-- Sergio Durigan Junior <sergio.durigan@canonical.com> Wed, 11 Aug 2021 22:25:45 -0400
# For older changelog entries, run 'apt-get changelog libvpx-doc'
Generated by dwww version 1.14 on Fri Aug 15 08:10:48 CEST 2025.