Fedora Linux 8811 Published by

A vmaf security update has been released for Fedora 34.



SECURITY: Fedora 34 Update: vmaf-2.1.1-1.fc34


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-1c3f7963a5
2021-06-16 01:03:31.627581
--------------------------------------------------------------------------------

Name : vmaf
Product : Fedora 34
Version : 2.1.1
Release : 1.fc34
URL :   https://github.com/netflix/vmaf
Summary : Video Multi-Method Assessment Fusion
Description :
VMAF is a perceptual video quality assessment algorithm developed by
Netflix. VMAF Development Kit (VDK) is a software package that contains
the VMAF algorithm implementation, as well as a set of tools that allows
a user to train and test a custom VMAF model. For an overview, read this
tech blog post, or this slide deck.

  https://github.com/Netflix/vmaf/blob/master/resource/doc/VMAF_ICIP17.pdf

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2021-30473 Security fix for CVE-2021-30475 ---- Fix bug
with 100% cpu utilization on network link change (or wakeup) when websockets are
in use (well-known "github + polyfill addon and wakeup" issue), and backport
some other improvements from upstream.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 10 2021 Leigh Scott - 2.1.1-1
- Update to 2.1.1
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1961375 - CVE-2021-30473 libaom: aom_image.c in libaom frees memory that is not located on the heap
  https://bugzilla.redhat.com/show_bug.cgi?id=1961375
[ 2 ] Bug #1968017 - CVE-2021-30475 libaom: Buffer overflow in aom_dsp/noise_model.c
  https://bugzilla.redhat.com/show_bug.cgi?id=1968017
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-1c3f7963a5' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys