Mailing List Archive | ports@openbsd.org

From:: Landry Breuil <landry@openbsd.org>
Subject:: Re: UPDATE: libvpx 1.15.2
To:: Brad Smith <brad@comstyle.com>
Cc:: ports@openbsd.org
Date:: Sat, 5 Jul 2025 13:19:16 +0200

Download raw body.

Thread

2025-07-05 08:00 Brad Smith:
UPDATE: libvpx 1.15.2
- 2025-07-05 11:19 Landry Breuil:
  UPDATE: libvpx 1.15.2
- - 2025-07-08 03:40 Brad Smith:
    UPDATE: libvpx 1.15.2
  - - 2025-07-08 06:56 Landry Breuil:
      UPDATE: libvpx 1.15.2

Le Sat, Jul 05, 2025 at 04:00:47AM -0400, Brad Smith a écrit :
> Here is an update to libvpx 1.15.2.
> 
> CVE-2025-5283
> 
> Tested on aarch64.

was it tested on BTI ? with what consumers ? i'll try to put it on the
omnibook w/firefox.

does the cve warrant a backport to 7.7 which has 1.15.0 ?
and if so, why the major bump, removed syms ?

2025-07-05 08:00 Brad Smith:
UPDATE: libvpx 1.15.2
- 2025-07-05 11:19 Landry Breuil:
  UPDATE: libvpx 1.15.2
- - 2025-07-08 03:40 Brad Smith:
    UPDATE: libvpx 1.15.2
  - - 2025-07-08 06:56 Landry Breuil:
      UPDATE: libvpx 1.15.2