Branch c10f2 update bulletin.

Package dav1d updated to version 1.4.0-alt1 for branch c10f2 in task 341408.

Published: 2023-05-10
Modified: 2025-01-28

CVE-2023-32570

VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit.

Severity: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla

Version: 2.1.0