[SECURITY] Fedora 34 Update: aom-3.1.1-1.fc34

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-1c3f7963a5 2021-06-16 01:03:31.627581 -------------------------------------------------------------------------------- Name : aom Product : Fedora 34 Version : 3.1.1 Release : 1.fc34 URL : http://aomedia.org/ Summary : Royalty-free next-generation video format Description : The Alliance for Open Media���s focus is to deliver a next-generation video format that is: - Interoperable and open; - Optimized for the Internet; - Scalable to any modern device at any bandwidth; - Designed with a low computational footprint and optimized for hardware; - Capable of consistent, highest-quality, real-time video delivery; and - Flexible for both commercial and non-commercial content, including user-generated content. This package contains the reference encoder and decoder. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2021-30473 Security fix for CVE-2021-30475 ---- Fix bug with 100% cpu utilization on network link change (or wakeup) when websockets are in use (well-known "github + polyfill addon and wakeup" issue), and backport some other improvements from upstream. -------------------------------------------------------------------------------- ChangeLog: * Sun Jun 13 2021 Robert-Andr�� Mauchin <zebob.m(a)gmail.com&gt; - 3.1.1-1 - Update to 3.1.1 - Close: rhbz#1954337 - Security fix for CVE-2021-30473 - Fix: rhbz#1961375 - Fix: rhbz#1961376 - Security fix for CVE-2021-30475 - Fix: rhbz#1968017 - Fix: rhbz#1968018 * Wed Mar 10 2021 Leigh Scott <leigh123linux(a)gmail.com&gt; - 2.0.1-5 - Rebuild for new libvmaf version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1961375 - CVE-2021-30473 libaom: aom_image.c in libaom frees memory that is not located on the heap https://bugzilla.redhat.com/show_bug.cgi?id=1961375 [ 2 ] Bug #1968017 - CVE-2021-30475 libaom: Buffer overflow in aom_dsp/noise_model.c https://bugzilla.redhat.com/show_bug.cgi?id=1968017 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-1c3f7963a5' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------