Source: libvorbis Version: 1.3.4-2 Severity: grave Tags: patch security upstream Control: fixed -1 1.3.4-2+deb8u1 Control: fixed -1 1.3.5-4+deb9u2
Hi, the following vulnerability was published for libvorbis. CVE-2018-5146[0]: out-of-bounds memory write If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-5146 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146 [1] https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ [2] https://git.xiph.org/?p=vorbis.git;a=commit;h=667ceb4aab60c1f74060143bb24e5f427b3cce5f Regards, Salvatore