Format: 1.7
Date: Wed, 26 Nov 2008 10:24:19 -0500
Source: libvorbis
Binary: libvorbis0a libvorbisenc2 libvorbisfile3 libvorbis-dev
Architecture: sparc
Version: 1.2.0.dfsg-2ubuntu0.1
Distribution: hardy
Urgency: low
Maintainer: Ubuntu/sparc Build Daemon <buildd@artigas.buildd>
Changed-By: Marc Deslauriers <marcdeslauriers@videotron.ca>
Description: 
 libvorbis-dev - The Vorbis General Audio Compression Codec (development files)
 libvorbis0a - The Vorbis General Audio Compression Codec
 libvorbisenc2 - The Vorbis General Audio Compression Codec
 libvorbisfile3 - The Vorbis General Audio Compression Codec
Launchpad-Bugs-Fixed: 232150 232150 232150
Changes: 
 libvorbis (1.2.0.dfsg-2ubuntu0.1) hardy-security; urgency=low
 .
   * SECURITY UPDATE: crash or integer overflow with codebook.dim zero
     value (LP: #232150)
     - debian/patches/CVE-2008-1423+CVE-2008-1419.patch: make sure value of
       codebook.dim is not zero in lib/codebook.c
     - CVE-2008-1419
   * SECURITY UPDATE: code execution via heap overflow in residue partition
     value (LP: #232150)
     - debian/patches/CVE-2008-1420.patch: verify the phrasebook is not
       specifying an impossible or inconsistent partitioning scheme in
       lib/res0.c
     - CVE-2008-1420
   * SECURITY UPDATE: code execution via heap overflow in a quantvals and
     quantlist calculation  (LP: #232150)
     - debian/patches/CVE-2008-1423+CVE-2008-1419.patch: add check for
       absurdly huge codebooks in lib/codebook.c
     - CVE-2008-1423
Files: 
 8dbbaf70afa928a5d2407d1eef3b1922 99428 libs optional libvorbis0a_1.2.0.dfsg-2ubuntu0.1_sparc.deb
 e5592f1cd6297a630fd7358d6c88c82e 80484 libs optional libvorbisenc2_1.2.0.dfsg-2ubuntu0.1_sparc.deb
 66c63c0e4024661e9d905b22862450c5 19054 libs optional libvorbisfile3_1.2.0.dfsg-2ubuntu0.1_sparc.deb
 9396b9f159e3e96ce44c140f02dcf3cb 461822 libdevel optional libvorbis-dev_1.2.0.dfsg-2ubuntu0.1_sparc.deb
Original-Maintainer: Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>