A libde265 security update has been released for Debian GNU/Linux 9 Extended LTS to address an issue that is related to an buffer over read in pic_parameter_set::dump.
ELA-1006-1 libde265 security update
Package : libde265
Version : 1.0.11-0+deb9u5 (stretch)
Related CVEs :
CVE-2023-43887
An issue has been found in libde265, an open H.265 video codec implementation.
It is related to an buffer over read in pic_parameter_set::dump, which might result in an information leak or denial of service with crafted H.265 files.