[ubuntu/artful-security] libvorbis 1.3.5-4ubuntu0.1 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Tue Feb 13 18:55:26 UTC 2018
libvorbis (1.3.5-4ubuntu0.1) artful-security; urgency=medium
* SECURITY UPDATE: Remote code execution
- debian/patches/CVE-2017-14632.patch: don't clear opb in
lib/info.c.
- CVE-2017-14632
* SECURITY UPDATE: out-of-bounds array read
- debian/patches/CVE-2017-14633.patch: don't allow for more than
256 channels in lib/info.c.
- CVE-2017-14633
Date: 2018-02-13 17:32:20.427055+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/libvorbis/1.3.5-4ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Artful-changes
mailing list