Source: vorbis-tools Version: 1.4.0-1 Severity: important Tags: security upstream
Hi, the following vulnerabilities were published for vorbis-tools. CVE-2014-9638[0]: Oggenc division by zero issue CVE-2014-9639[1]: Oggenc channel integer overflow CVE-2014-9640[2]: segfault when trying to encode trivial raw input If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2014-9638 https://trac.xiph.org/ticket/2137 [1] https://security-tracker.debian.org/tracker/CVE-2014-9639 https://trac.xiph.org/ticket/2136 [2] https://security-tracker.debian.org/tracker/CVE-2014-9640 https://trac.xiph.org/ticket/2009 Regards, Salvatore _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
