Bug#1035950: dav1d: CVE-2023-32570
Source: dav1d
X-Debbugs-CC: team@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for dav1d.
CVE-2023-32570[0]:
| VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that
| can lead to an application crash, related to dav1d_decode_frame_exit.
https://code.videolan.org/videolan/dav1d/-/commit/cf617fdae0b9bfabd27282854c8e81450d955efa (1.2.0)
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-32570
https://www.cve.org/CVERecord?id=CVE-2023-32570
Please adjust the affected versions in the BTS as needed.
Reply to:
- Prev by Date:
Bug#1035902: obs-studio: NVENC codec fails unless I use ffmpeg to encode a video first
- Next by Date:
Processed: tagging 1035957, tagging 1035956, tagging 1035955, tagging 1035954, tagging 1035953, tagging 1035952 ...
- Previous by thread:
Bug#1035902: obs-studio: NVENC codec fails unless I use ffmpeg to encode a video first
- Next by thread:
Processed: tagging 1035957, tagging 1035956, tagging 1035955, tagging 1035954, tagging 1035953, tagging 1035952 ...
- Index(es):