| Package | libde265 |
|---|---|
| Version | 1.0.11-0+deb9u5 (stretch) |
| Related CVEs | CVE-2023-43887 |
An issue has been found in libde265, an open H.265 video codec implementation. It is related to a buffer over read in pic_parameter_set::dump, which might result in an information leak or denial of service with crafted H.265 files.
For Debian 9 stretch, these problems have been fixed in version 1.0.11-0+deb9u5.
We recommend that you upgrade your libde265 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.