The libvorbis packages contain runtime libraries for use in programs that support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent-and royalty-free, general-purpose compressed audio format. An insufficient input validation flaw was found in the way libvorbis processes the codec file headers of the Ogg Vorbis audio file format . A remote attacker could provide a specially-crafted Ogg file that would cause a denial of service or, potentially, execute arbitrary code with the privileges of an application using the libvorbis library when opened by a victim. Users of libvorbis should upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted for this update to take effect.