[SECURITY] Fedora EPEL 8 Update: aom-3.1.1-1.el8 - epel-package-announce - Fedora mailing-lists

28 Jun 2021


      --------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2021-0209079fce
2021-06-29 00:32:23.378012
--------------------------------------------------------------------------------
Name        : aom
Product     : Fedora EPEL 8
Version     : 3.1.1
Release     : 1.el8
URL         : http://aomedia.org/
Summary     : Royalty-free next-generation video format
Description :
The Alliance for Open Media���s focus is to deliver a next-generation
video format that is:
- Interoperable and open;
 - Optimized for the Internet;
 - Scalable to any modern device at any bandwidth;
 - Designed with a low computational footprint and optimized for hardware;
 - Capable of consistent, highest-quality, real-time video delivery; and
 - Flexible for both commercial and non-commercial content, including
   user-generated content.
This package contains the reference encoder and decoder.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-30473 Security fix for CVE-2021-30475
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 13 2021 Robert-Andr�� Mauchin zebob.m@gmail.com - 3.1.1-1
- Update to 3.1.1
- Close: rhbz#1954337
- Security fix for CVE-2021-30473
- Fix: rhbz#1961375
- Fix: rhbz#1961376
- Security fix for CVE-2021-30475
- Fix: rhbz#1968017
- Fix: rhbz#1968018
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1961375 - CVE-2021-30473 libaom: aom_image.c in libaom frees memory that is not located on the heap
        https://bugzilla.redhat.com/show_bug.cgi?id=1961375
  [ 2 ] Bug #1968017 - CVE-2021-30475 libaom: Buffer overflow in aom_dsp/noise_model.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1968017
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs.  Use
su -c 'yum update aom' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7%5C
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------