UbuntuUpdates.org

Package "libvorbis"

Name: libvorbis

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • The Vorbis General Audio Compression Codec (debug files)
  • The Vorbis General Audio Compression Codec (development files)
  • The Vorbis General Audio Compression Codec (Decoder library)
  • The Vorbis General Audio Compression Codec (Encoder library)

Latest version: 1.3.2-1.3ubuntu1.1
Release: trusty (14.04)
Level: security
Repository: main

Links

Save this URL for the latest version of "libvorbis": https://www.ubuntuupdates.org/libvorbis



Other versions of "libvorbis" in Trusty

Repository Area Version
updates main 1.3.2-1.3ubuntu1.1

Packages in group

Deleted packages are displayed in grey.

libvorbis-dbg libvorbis-dev libvorbis0a libvorbisenc2 libvorbisfile3

Changelog

Version: 1.3.2-1.3ubuntu1.1 2018-02-13 21:06:22 UTC

  libvorbis (1.3.2-1.3ubuntu1.1) trusty-security; urgency=medium

  * SECURITY UPDATE: Remote code execution
    - debian/patches/CVE-2017-14632.patch: don't clear opb in
      lib/info.c.
    - CVE-2017-14632
  * SECURITY UPDATE: out-of-bounds array read
    - debian/patches/CVE-2017-14633.patch: don't allow for more than
      256 channels in lib/info.c.
    - CVE-2017-14633

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 13 Feb 2018 12:48:25 -0300

CVE-2017-14632 Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi
CVE-2017-14633 In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS



About   -   Send Feedback to @ubuntu_updates