Reporting Security Vulnerabilities - libaom0

Alex Murray alex.murray at canonical.com
Tue Jun 14 06:17:24 UTC 2022 

On Sat, 2022-06-11 at 21:46:12 -0700, Steve Langasek wrote:
Hi Christine

The status of CVEs against the aom source package can be seen at
https://ubuntu.com/security/cves?q=&package=aom&priority=&version=&status=

As per https://wiki.ubuntu.com/SecurityTeam/FAQ the Ubuntu Security team
supports software within the main and restricted components of the
Ubuntu software archive. aom however is part of the universe component
and as such is maintained by the community.

To be notified of relevant security updates as they become available,
you can subscribe to the Ubuntu Security Announcements mailing list
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce.

Thanks,
Alex


> Hi Christine,
>
> The best contact regarding security updates is security at ubuntu.com; adding
> them to Cc:.
>
> To see the status of a given CVE in Ubuntu, you can also use the website at
> https://ubuntu.com/security/cves
>
> On Fri, Jun 10, 2022 at 10:01:20AM +0000, Ruelo, Christine M. L. wrote:
>> Hello libaom0 Maintainers,
>> 
>> Good day, We have used the libaom0 package and perform a security scan using Palo Alto Network - Prisma Cloud and these vulnerabilities below are reported.
>> We would like to report it and let us know once the fix is available so we can update accordingly.
>> 
>> CVE-2020-36130
>> CVE-2020-36131
>> CVE-2020-36133
>> CVE-2020-36135
>> 
>> Thank you
>> 
>> Regards,
>> 
>> [cid:image001.png at 01D87CBC.A4D862D0]
>> I CHRISTINE MAE RUELO
>> I ATCP | Data + AI
>> I Global One Eastwood
>> I E: christine.m.l.ruelo at accenture.com<mailto:christine.m.l.ruelo at accenture.com>
>> I M: +63 927 088 6796
>> Accenture Confidential
>> PTO:
>> Holiday:
>> Training:
>> 
>> 
>> ________________________________
>> 
>> This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy. Your privacy is important to us. Accenture uses your personal data only in compliance with data protection laws. For further information on how Accenture processes your personal data, please see our privacy statement at https://www.accenture.com/us-en/privacy-policy.
>> ______________________________________________________________________________________
>> 
>> www.accenture.com
>
> -- 
> Steve Langasek                   Give me a lever long enough and a Free OS
> Debian Developer                   to set it on, and I can move the world.
> Ubuntu Developer                                   https://www.debian.org/
> slangasek at ubuntu.com                                     vorlon at debian.org

More information about the Ubuntu-motu mailing list