An update for libtheora is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS,openEuler-24.03-LTS-SP1 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-1369 Final 1.0 1.0 2025-04-03 Initial 2025-04-03 2025-04-03 openEuler SA Tool V1.0 2025-04-03 libtheora security update An update for libtheora is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS,openEuler-24.03-LTS-SP1 Theora is a free and open video compression format from the Xiph.org Foundation. Like all our multimedia technology it can be used to distribute film and video online and on disc without the licensing and royalty fees or vendor lock-in associated with other formats. Security Fix(es): oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift.(CVE-2024-56431) An update for libtheora is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS,openEuler-24.03-LTS-SP1. openEuler Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Critical libtheora https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1369 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56431 https://nvd.nist.gov/vuln/detail/CVE-2024-56431 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP3 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS openEuler-24.03-LTS-SP1 libtheora-1.1.1-25.oe2003sp4.aarch64.rpm libtheora-debuginfo-1.1.1-25.oe2003sp4.aarch64.rpm libtheora-debugsource-1.1.1-25.oe2003sp4.aarch64.rpm libtheora-devel-1.1.1-25.oe2003sp4.aarch64.rpm theora-tools-1.1.1-25.oe2003sp4.aarch64.rpm libtheora-1.1.1-26.oe2203sp3.aarch64.rpm libtheora-debuginfo-1.1.1-26.oe2203sp3.aarch64.rpm libtheora-debugsource-1.1.1-26.oe2203sp3.aarch64.rpm libtheora-devel-1.1.1-26.oe2203sp3.aarch64.rpm theora-tools-1.1.1-26.oe2203sp3.aarch64.rpm libtheora-1.1.1-26.oe2203sp4.aarch64.rpm libtheora-debuginfo-1.1.1-26.oe2203sp4.aarch64.rpm libtheora-debugsource-1.1.1-26.oe2203sp4.aarch64.rpm libtheora-devel-1.1.1-26.oe2203sp4.aarch64.rpm theora-tools-1.1.1-26.oe2203sp4.aarch64.rpm libtheora-1.1.1-28.oe2403.aarch64.rpm libtheora-debuginfo-1.1.1-28.oe2403.aarch64.rpm libtheora-debugsource-1.1.1-28.oe2403.aarch64.rpm libtheora-devel-1.1.1-28.oe2403.aarch64.rpm theora-tools-1.1.1-28.oe2403.aarch64.rpm libtheora-1.1.1-28.oe2403sp1.aarch64.rpm libtheora-debuginfo-1.1.1-28.oe2403sp1.aarch64.rpm libtheora-debugsource-1.1.1-28.oe2403sp1.aarch64.rpm libtheora-devel-1.1.1-28.oe2403sp1.aarch64.rpm theora-tools-1.1.1-28.oe2403sp1.aarch64.rpm libtheora-1.1.1-25.oe2003sp4.src.rpm libtheora-1.1.1-26.oe2203sp3.src.rpm libtheora-1.1.1-26.oe2203sp4.src.rpm libtheora-1.1.1-28.oe2403.src.rpm libtheora-1.1.1-28.oe2403sp1.src.rpm libtheora-1.1.1-25.oe2003sp4.x86_64.rpm libtheora-debuginfo-1.1.1-25.oe2003sp4.x86_64.rpm libtheora-debugsource-1.1.1-25.oe2003sp4.x86_64.rpm libtheora-devel-1.1.1-25.oe2003sp4.x86_64.rpm theora-tools-1.1.1-25.oe2003sp4.x86_64.rpm libtheora-1.1.1-26.oe2203sp3.x86_64.rpm libtheora-debuginfo-1.1.1-26.oe2203sp3.x86_64.rpm libtheora-debugsource-1.1.1-26.oe2203sp3.x86_64.rpm libtheora-devel-1.1.1-26.oe2203sp3.x86_64.rpm theora-tools-1.1.1-26.oe2203sp3.x86_64.rpm libtheora-1.1.1-26.oe2203sp4.x86_64.rpm libtheora-debuginfo-1.1.1-26.oe2203sp4.x86_64.rpm libtheora-debugsource-1.1.1-26.oe2203sp4.x86_64.rpm libtheora-devel-1.1.1-26.oe2203sp4.x86_64.rpm theora-tools-1.1.1-26.oe2203sp4.x86_64.rpm libtheora-1.1.1-28.oe2403.x86_64.rpm libtheora-debuginfo-1.1.1-28.oe2403.x86_64.rpm libtheora-debugsource-1.1.1-28.oe2403.x86_64.rpm libtheora-devel-1.1.1-28.oe2403.x86_64.rpm theora-tools-1.1.1-28.oe2403.x86_64.rpm libtheora-1.1.1-28.oe2403sp1.x86_64.rpm libtheora-debuginfo-1.1.1-28.oe2403sp1.x86_64.rpm libtheora-debugsource-1.1.1-28.oe2403sp1.x86_64.rpm libtheora-devel-1.1.1-28.oe2403sp1.x86_64.rpm theora-tools-1.1.1-28.oe2403sp1.x86_64.rpm libtheora-help-1.1.1-25.oe2003sp4.noarch.rpm libtheora-help-1.1.1-26.oe2203sp3.noarch.rpm libtheora-help-1.1.1-26.oe2203sp4.noarch.rpm libtheora-help-1.1.1-28.oe2403.noarch.rpm libtheora-help-1.1.1-28.oe2403sp1.noarch.rpm oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. 2025-04-03 CVE-2024-56431 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP3 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS openEuler-24.03-LTS-SP1 Critical 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H libtheora security update 2025-04-03 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1369