An update for libvpx is now available for openEuler-24.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-1592 Final 1.0 1.0 2025-06-06 Initial 2025-06-06 2025-06-06 openEuler SA Tool V1.0 2025-06-06 libvpx security update An update for libvpx is now available for openEuler-24.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS libvpx provides the VP8/VP9 SDK, which allows you to integrate your applications with the VP8 and VP9 video codecs, high quality, royalty free, open source codecs deployed on millions of computers and devices worldwide. Security Fix(es): Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)(CVE-2025-5283) An update for libvpx is now available for openEuler-24.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium libvpx https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1592 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-5283 https://nvd.nist.gov/vuln/detail/CVE-2025-5283 openEuler-24.03-LTS-SP1 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP3 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS libvpx-1.13.1-4.oe2403sp1.aarch64.rpm libvpx-debuginfo-1.13.1-4.oe2403sp1.aarch64.rpm libvpx-debugsource-1.13.1-4.oe2403sp1.aarch64.rpm libvpx-devel-1.13.1-4.oe2403sp1.aarch64.rpm libvpx-1.7.0-12.oe2003sp4.aarch64.rpm libvpx-debuginfo-1.7.0-12.oe2003sp4.aarch64.rpm libvpx-debugsource-1.7.0-12.oe2003sp4.aarch64.rpm libvpx-devel-1.7.0-12.oe2003sp4.aarch64.rpm libvpx-1.7.0-13.oe2203sp3.aarch64.rpm libvpx-debuginfo-1.7.0-13.oe2203sp3.aarch64.rpm libvpx-debugsource-1.7.0-13.oe2203sp3.aarch64.rpm libvpx-devel-1.7.0-13.oe2203sp3.aarch64.rpm libvpx-1.7.0-13.oe2203sp4.aarch64.rpm libvpx-debuginfo-1.7.0-13.oe2203sp4.aarch64.rpm libvpx-debugsource-1.7.0-13.oe2203sp4.aarch64.rpm libvpx-devel-1.7.0-13.oe2203sp4.aarch64.rpm libvpx-1.13.1-4.oe2403.aarch64.rpm libvpx-debuginfo-1.13.1-4.oe2403.aarch64.rpm libvpx-debugsource-1.13.1-4.oe2403.aarch64.rpm libvpx-devel-1.13.1-4.oe2403.aarch64.rpm libvpx-1.13.1-4.oe2403sp1.src.rpm libvpx-1.7.0-12.oe2003sp4.src.rpm libvpx-1.7.0-13.oe2203sp3.src.rpm libvpx-1.7.0-13.oe2203sp4.src.rpm libvpx-1.13.1-4.oe2403.src.rpm libvpx-1.13.1-4.oe2403sp1.x86_64.rpm libvpx-debuginfo-1.13.1-4.oe2403sp1.x86_64.rpm libvpx-debugsource-1.13.1-4.oe2403sp1.x86_64.rpm libvpx-devel-1.13.1-4.oe2403sp1.x86_64.rpm libvpx-1.7.0-12.oe2003sp4.x86_64.rpm libvpx-debuginfo-1.7.0-12.oe2003sp4.x86_64.rpm libvpx-debugsource-1.7.0-12.oe2003sp4.x86_64.rpm libvpx-devel-1.7.0-12.oe2003sp4.x86_64.rpm libvpx-1.7.0-13.oe2203sp3.x86_64.rpm libvpx-debuginfo-1.7.0-13.oe2203sp3.x86_64.rpm libvpx-debugsource-1.7.0-13.oe2203sp3.x86_64.rpm libvpx-devel-1.7.0-13.oe2203sp3.x86_64.rpm libvpx-1.7.0-13.oe2203sp4.x86_64.rpm libvpx-debuginfo-1.7.0-13.oe2203sp4.x86_64.rpm libvpx-debugsource-1.7.0-13.oe2203sp4.x86_64.rpm libvpx-devel-1.7.0-13.oe2203sp4.x86_64.rpm libvpx-1.13.1-4.oe2403.x86_64.rpm libvpx-debuginfo-1.13.1-4.oe2403.x86_64.rpm libvpx-debugsource-1.13.1-4.oe2403.x86_64.rpm libvpx-devel-1.13.1-4.oe2403.x86_64.rpm Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) 2025-06-06 CVE-2025-5283 openEuler-24.03-LTS-SP1 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP3 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS Medium 5.4 AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N libvpx security update 2025-06-06 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1592