File libaom.changes of Package libaom.34234
------------------------------------------------------------------- Mon Jun 10 12:03:34 UTC 2024 - pgajdos@suse.com - security update - added patches fix CVE-2024-5171 [bsc#1226020], heap buffer overflow in img_alloc_helper() caused by integer overflow + libaom-CVE-2024-5171.patch ------------------------------------------------------------------- Tue May 23 09:28:57 UTC 2023 - pgajdos@suse.com - security update - added patches fix CVE-2020-0470 [bsc#1180033], In extend_frame_highbd of restoration.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. U + libaom-CVE-2020-0470.patch ------------------------------------------------------------------- Wed Mar 30 13:16:23 UTC 2022 - pgajdos@suse.com - security update - added patches fix CVE-2021-30473 [bsc#1185778], aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap. + libaom-CVE-2021-30473.patch ------------------------------------------------------------------- Tue Dec 7 14:30:05 UTC 2021 - pgajdos@suse.com - security update - added patches fix CVE-2020-36129 [bsc#1193356], AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aom_image.c. fix CVE-2020-36131 [bsc#1193365], AOM v2.0.1 was discovered to contain a stack buffer overflow via the component stats/rate_hist.c. fix CVE-2020-36135 [bsc#1193366], AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component rate_hist.c. + libaom-CVE-2020-36129,36131,36135.patch fix CVE-2020-36130 [bsc#1193369], AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1_dx_iface.c. + libaom-CVE-2020-36130.patch ------------------------------------------------------------------- Thu Sep 9 13:47:19 UTC 2021 - pgajdos@suse.com - security update - added patches fix CVE-2021-30474 [bsc#1186799], aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free. + libaom-CVE-2021-30474.patch ------------------------------------------------------------------- Wed Aug 25 09:33:50 UTC 2021 - pgajdos@suse.com - security update - added patches fix CVE-2021-30475 [bsc#1189497], Buffer overflow in aom_dsp/noise_model.c + libaom-CVE-2021-30475.patch ------------------------------------------------------------------- Tue Jul 31 21:29:49 UTC 2018 - 9+suse@cirno.systems - Enable CONFIG_LOWBITDEPTH. Makes 8-bit decoding faster. The only reason this confusingly-named option is not enabled by default is that its behavior might not match the 16-bit reference code path, and that hardware vendors want to be able to validate their designs against it. No actual mismatches have been found. See https://bugs.chromium.org/p/aomedia/issues/detail?id=2062 ------------------------------------------------------------------- Mon Jul 30 13:09:23 UTC 2018 - bjorn.lie@gmail.com - Pass conditional AOM_TARGET_CPU to cmake, fix build for arm and ppc, as well as optimize target cpu for other arches. ------------------------------------------------------------------- Fri Jul 27 14:42:25 UTC 2018 - 9+suse@cirno.systems - Init, v1.0.0




