Download
| Alert*
oval:org.secpod.oval:def:114884
Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates. The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis. oval:org.secpod.oval:def:503432 The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis, a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed format for audio and music at fixed and variable bitrates. Security Fix: * libvorbis: heap buffer overflow in mapping0_for ... oval:org.secpod.oval:def:89002159 This update for libvorbis fixes the following issues: Security issues fixed: - CVE-2018-10393: Fixed stack-based buffer over-read in bark_noise_hybridm . - CVE-2017-14160: Fixed out-of-bounds access inside bark_noise_hybridmp function . oval:org.secpod.oval:def:2103008 mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. oval:org.secpod.oval:def:89002171 This update for libvorbis fixes the following issues: Security issues fixed: - CVE-2018-10393: Fixed stack-based buffer over-read in bark_noise_hybridm . - CVE-2017-14160: Fixed out-of-bounds access inside bark_noise_hybridmp function . oval:org.secpod.oval:def:66497 The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis, a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed format for audio and music at fixed and variable bitrates. Security Fix: * libvorbis: heap buffer overflow in mapping0_for ... oval:org.secpod.oval:def:1900128 bark_noise_hybridmp in psy.c in Xiph.Org libvorbis-dev 1.3.6 has a stack-based buffer over-read. oval:org.secpod.oval:def:1504300 [1.3.6-2] - Sync with git for CVE-2017-14160, CVE-2018-10392, CVE-2018-10393 oval:org.secpod.oval:def:2500037 The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis, a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed format for audio and music at fixed and variable bitrates. oval:org.secpod.oval:def:2001363 bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. oval:org.secpod.oval:def:115784 Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. This package contains the MinGW Windows cross compiled libvorbis library. |