Information on source package libvorbis

Available versions

ReleaseVersion
wheezy1.3.2-1.3
jessie1.3.4-2
stretch1.3.5-4
buster1.3.5-4
sid1.3.5-4

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-14633vulnerablevulnerablevulnerablevulnerablevulnerableIn Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability ...
CVE-2017-14632fixedfixedvulnerablevulnerablevulnerableXiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing ...
CVE-2017-14160vulnerablevulnerablevulnerablevulnerablevulnerableThe bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 ...
CVE-2017-11333vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis ...

Resolved issues

BugDescription
CVE-2012-0444Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before ...
CVE-2009-3379Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla ...
CVE-2009-2663libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 ...
CVE-2008-2009Xiph.org libvorbis before 1.0 does not properly check for ...
CVE-2008-1423Integer overflow in a certain quantvals and quantlist calculation in ...
CVE-2008-1420Integer overflow in residue partition value (aka partvals) evaluation ...
CVE-2008-1419Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero ...
CVE-2007-4066Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow ...
CVE-2007-4065lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 ...
CVE-2007-4029libvorbis 1.1.2, and possibly other versions before 1.2.0, allows ...
CVE-2007-3106lib/info.c in libvorbis 1.1.2, and possibly other versions before ...

Security announcements

DSA / DLADescription
DSA-2412-1libvorbis - buffer overflow
DSA-1939-1libvorbis - several vulnerabilities
DSA-1939-1libvorbis - several vulnerabilities
DSA-1591-1libvorbis - several vulnerabilities
DSA-1471-1libvorbis - several vulnerabilities
DSA-1471-1libvorbis - several vulnerabilities

Search for package or bug name: Reporting problems