| Package | libvpx |
|---|---|
| Version | 1.6.1-3+deb9u7 (stretch), 1.7.0-3+deb10u4 (buster) |
| Related CVEs | CVE-2025-5283 |
Double free on init failure has been fixed in libvpx, a library for decoding and encoding VP8 and VP9 videos.
For Debian 10 buster, these problems have been fixed in version 1.7.0-3+deb10u4.
For Debian 9 stretch, these problems have been fixed in version 1.6.1-3+deb9u7.
We recommend that you upgrade your libvpx packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.