Format: 1.7 Date: Wed, 26 Nov 2008 10:24:19 -0500 Source: libvorbis Binary: libvorbis0a libvorbisenc2 libvorbisfile3 libvorbis-dev Architecture: powerpc Version: 1.2.0.dfsg-2ubuntu0.1 Distribution: hardy Urgency: low Maintainer: Ubuntu/powerpc Build Daemon Changed-By: Marc Deslauriers Description: libvorbis-dev - The Vorbis General Audio Compression Codec (development files) libvorbis0a - The Vorbis General Audio Compression Codec libvorbisenc2 - The Vorbis General Audio Compression Codec libvorbisfile3 - The Vorbis General Audio Compression Codec Launchpad-Bugs-Fixed: 232150 232150 232150 Changes: libvorbis (1.2.0.dfsg-2ubuntu0.1) hardy-security; urgency=low . * SECURITY UPDATE: crash or integer overflow with codebook.dim zero value (LP: #232150) - debian/patches/CVE-2008-1423+CVE-2008-1419.patch: make sure value of codebook.dim is not zero in lib/codebook.c - CVE-2008-1419 * SECURITY UPDATE: code execution via heap overflow in residue partition value (LP: #232150) - debian/patches/CVE-2008-1420.patch: verify the phrasebook is not specifying an impossible or inconsistent partitioning scheme in lib/res0.c - CVE-2008-1420 * SECURITY UPDATE: code execution via heap overflow in a quantvals and quantlist calculation (LP: #232150) - debian/patches/CVE-2008-1423+CVE-2008-1419.patch: add check for absurdly huge codebooks in lib/codebook.c - CVE-2008-1423 Files: a15c110e58da00ce9e851f8f04909673 108516 libs optional libvorbis0a_1.2.0.dfsg-2ubuntu0.1_powerpc.deb be00dcbd1f6a209ff7e59669ea3bcf33 83532 libs optional libvorbisenc2_1.2.0.dfsg-2ubuntu0.1_powerpc.deb d07be5c602f3714cf0701226fef5bfa4 23644 libs optional libvorbisfile3_1.2.0.dfsg-2ubuntu0.1_powerpc.deb 128ddaebf7ab8c95288de20b309b7b39 484204 libdevel optional libvorbis-dev_1.2.0.dfsg-2ubuntu0.1_powerpc.deb Original-Maintainer: Debian Xiph.org Maintainers