-
libvorbis (1.3.5-4ubuntu0.2) artful-security; urgency=medium
* SECURITY UPDATE: out-of-bounds write in codebook decoding
- debian/patches/CVE-2018-5146.patch: fix codebook decoding in
lib/codebook.c.
- CVE-2018-5146
-- Marc Deslauriers <email address hidden> Wed, 21 Mar 2018 13:51:44 -0400
-
libvorbis (1.3.5-4ubuntu0.1) artful-security; urgency=medium
* SECURITY UPDATE: Remote code execution
- debian/patches/CVE-2017-14632.patch: don't clear opb in
lib/info.c.
- CVE-2017-14632
* SECURITY UPDATE: out-of-bounds array read
- debian/patches/CVE-2017-14633.patch: don't allow for more than
256 channels in lib/info.c.
- CVE-2017-14633
-- <email address hidden> (Leonidas S. Barbosa) Tue, 13 Feb 2018 13:42:13 -0300
-
libvorbis (1.3.5-4) unstable; urgency=low
* Changed Standards-Version from 3.9.6 to 3.9.8.
* Added CPE id in d/upstream/metadata for future reference.
* Adjusted d/tests/test-coupling-segfault to print bug number and
upstream URL.
-- Petter Reinholdtsen <email address hidden> Thu, 22 Dec 2016 17:28:24 +0000
