------------------------------------------------------------ Arch Linux Security Warning ALSW 2007-#34 ------------------------------------------------------------
Name: libvorbis Date: 2007-07-27 Severity: Medium Warning #: 2007-#34 ------------------------------------------------------------ Product Background =================== Vorbis codec library Problem Background =================== Previous versions of the libvorbis package contain multiple vulnerabilities, including a heap overwrite, read violations, and a function pointer overwrite. Impact ================== An attacker may exploit these vulnerabilities to cause a denial of service and,possibly, to execute arbitrary code. Problem Packages =================== Package: libvorbis Repo: current Group: lib Unsafe: < 1.2.0 Safe: >= 1.2.0 Package Fix =================== Upgrade to 1.2.0 --------------------------------------------- Unofficial ArchLinux Security Bug Tracker: http://jjdanimoth.netsons.org/alsw.html --------------------------------------------- Reference(s) =================== http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4029
pgp4coNfxNRV7.pgp
Description: PGP signature
_______________________________________________ arch mailing list [email protected] http://archlinux.org/mailman/listinfo/arch
