| Package | libde265 |
|---|---|
| Version | 1.0.11-0+deb9u7 (stretch), 1.0.11-0+deb10u7 (buster) |
| Related CVEs | CVE-2023-51792 CVE-2026-33164 CVE-2026-33165 |
It was found that libde265, an open source implementation of the H.265 video codec, had multiple vulnerabilities which included both stack and heap out of bound writes that could lead to denial of service, etc.
For Debian 10 buster, these problems have been fixed in version 1.0.11-0+deb10u7.
For Debian 9 stretch, these problems have been fixed in version 1.0.11-0+deb9u7.
We recommend that you upgrade your libde265 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.