Univention Bugzilla – Bug 46688
libvorbis: Multiple issues (4.3)
Last modified: 2018-05-16 17:04:15 CEST
New Debian libvorbis 1.3.5-4+deb9u2 fixes: This update addresses the following issues: * Prevent out-of-bounds write in codebook decoding (CVE-2018-5146) CVE-2018-5146 Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08)
[4.3-0] 4a0b186ba8 Bug #46688: libvorbis_1.3.5-4+deb9u2 Copied from Debian-Stretch
--- mirror/ftp/4.3/unmaintained/4.3-0/source/libvorbis_1.3.5-4+deb9u1.dsc +++ apt/ucs_4.3-0-errata4.3-0/source/libvorbis_1.3.5-4+deb9u2.dsc @@ -1,3 +1,8 @@ +1.3.5-4+deb9u2 [Fri, 16 Mar 2018 18:12:39 +0100] Salvatore Bonaccorso <carnil@debian.org>: + + * Non-maintainer upload by the Security Team. + * Prevent out-of-bounds write in codebook decoding (CVE-2018-5146) + 1.3.5-4+deb9u1 [Sat, 27 Jan 2018 23:03:00 +0000] Moritz Muehlenhoff <jmm@debian.org>: * CVE-2017-14632 CVE-2017-14633
* No UCS specific patches * Comparison to previously shipped version ok * Binary package update Ok * Advisory Ok
<http://errata.software-univention.de/ucs/4.3/59.html>