libvpx-1.7.0-13.el8_10

エラータID: AXSA:2026-287:01

Release date: 
Thursday, March 12, 2026 - 15:45
Subject: 
libvpx-1.7.0-13.el8_10
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format.

Security Fix(es):

* libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-2447
Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.

Solution: 

Update packages.

CVEs: 
CVE-2026-2447
Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.
Additional Info: 

N/A

Download: 

SRPMS
  1. libvpx-1.7.0-13.el8_10.src.rpm
    MD5: 8a35c98162b19ff9b332027c645477d9
    SHA-256: 9f5e36f530e55e32694f96113514f5cbc54408f12c4b3134fdb405abb444b362
    Size: 2.58 MB

Asianux Server 8 for x86_64
  1. libvpx-1.7.0-13.el8_10.i686.rpm
    MD5: f813e0e429f433e0e61f991affe4901a
    SHA-256: 6acc19b94c19a96e07008c26a6e8ea97f91e934e21da7830d0f60f78a8c0896a
    Size: 884.61 kB
  2. libvpx-1.7.0-13.el8_10.x86_64.rpm
    MD5: 12120bb1bc5286535a146fc1f3e653f7
    SHA-256: 0f621e5176c4a980317fae4f45868ccd42ed5016afdb185b8f5ea8e67af2374b
    Size: 853.76 kB
  3. libvpx-devel-1.7.0-13.el8_10.i686.rpm
    MD5: dcc9a916945cec811deff2c141d9c9d6
    SHA-256: 5db290a1a8de07dece8df135f50f292660b423e36a658153280ba44b9424ba94
    Size: 328.59 kB
  4. libvpx-devel-1.7.0-13.el8_10.x86_64.rpm
    MD5: 4e5923356bf45c385c1bda3f740ca145
    SHA-256: 959992e969d27b64c6ffc7cb676df154aea95ed1896cd5e13ec659ec4a8e56ca
    Size: 328.56 kB