patch for CVE-2023-5217

2023-09-28 13:39:41 -04:00 · 2023-09-28 13:39:41 -04:00 · b57ccccc59
commit b57ccccc59
parent fe9dbd4ca6
1 changed files with 1 additions and 0 deletions
--- a/static/releases.html
+++ b/static/releases.html
@ -665,6 +665,7 @@
                    <ul>
                        <li>Dialer: disable false gesture detection for answering calls until the faulty implementation in the AOSP Dialer app is replaced</li>
                        <li>Messaging: work around upstream null pointer exception bug</li>
+                        <li>libvpx: apply patch for CVE-2023-5217 to the standalone AOSP libvpx library, which was already fixed in the 117.0.5938.140.0 release of Vanadium</li>
                        <li>Pixel 4, Pixel 4 XL: add upstream sensor-related app compatibility fix from the September release already included for other devices</li>
                        <li>kernel (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold): add upstream build reproducibility fix</li>
                        <li>GmsCompatConfig: update to <a href="https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/releases/tag/config-75">version 75</a></li>