Bob Clary, Dan Kaminsky and David Keeler discovered that in libtheora, a video library part of the Ogg project, several flaws allow allow context-dependent attackers via a large and specially crafted media file, to cause a denial of service , and possibly arbitrary code execution. For the stable distribution , this problem has been fixed in version 1.0~beta3-1+lenny1. For the testing distribution , this problem has been fixed in version 1.1.0-1. For the testing distribution , this problem has been fixed in version 1.1.0-1. We recommend that you upgrade your libtheora packages.