Bug 26689

Summary: libvpx new security issue CVE-2020-0034
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED INVALID QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: geiger.david68210
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA7TOO
Source RPM: libvpx-1.8.2-2.mga8.src.rpm CVE:
Status comment:

Description David Walser 2020-05-26 23:54:12 CEST 
openSUSE has issued an advisory on May 23:
https://lists.opensuse.org/opensuse-updates/2020-05/msg00126.html

Mageia 7 is also affected.
David Walser 2020-05-26 23:54:26 CEST

Whiteboard: (none) => MGA7TOO

Comment 1 David GEIGER 2020-05-27 15:19:34 CEST 
This security issue don't affect release 1.8.1 and 1.8.2, already fixed upstream.

CC: (none) => geiger.david68210

Comment 2 David Walser 2020-05-27 15:26:56 CEST 
Indeed, fixed upstream in 1.7.0 it looks like.

Resolution: (none) => INVALID
Status: NEW => RESOLVED