OpenH264 Vulnerability / CVE-2025-27091

ne0l · February 22, 2025, 10:19am

As the codec is distributed via cisco’s repo, but IIRC build in fedora’s infra; is the fixed version already in the pipeline? I cant find any bz entry …

https://security-tracker.debian.org/tracker/CVE-2025-27091

steppybug · February 22, 2025, 12:32pm

From

rpm -qi openh246

and a cisco description, yes fedora is vulnerable.

Topic		Replies	Views
Decoder H.264. OpenH264 Ask Fedora help , f33 , community , sway , packages , gnome , desktop , dnf , server , fedora-39	1	399	April 7, 2024
Does the fedora-cisco-openh264 repo make Fedora to be not free? Is the repo content a binary blob? Implications? Ask Fedora h264 , f41	26	761	November 22, 2024
Is Fedora is installing restricted codec from rpm-fusion? Ask Fedora	1	126	November 21, 2024
OpenH264 in Fedora Linux Project Discussion workstation-wg	0	1402	August 11, 2023
Openh264 repo enabled by-default on Server? Ask Fedora server , f41	14	459	October 26, 2024

OpenH264 Vulnerability / CVE-2025-27091

Related topics