lp:ubuntu/dapper-security/libvorbis
- Get this branch:
- bzr branch lp:ubuntu/dapper-security/libvorbis
Branch merges
Branch information
Recent revisions
- 9. By Marc Deslauriers
-
* SECURITY UPDATE: crash or integer overflow with codebook.dim zero
value (LP: #232150)
- lib/codebook.c: make sure value of codebook.dim is not zero
- https://trac.xiph. org/changeset/ 14602
- CVE-2008-1419
* SECURITY UPDATE: code execution via heap overflow in residue partition
value (LP: #232150)
- lib/res0.c: verify the phrasebook is not specifying an impossible or
inconsistent partitioning scheme
- https://trac.xiph. org/changeset/ 14598
- CVE-2008-1420
* SECURITY UPDATE: code execution via heap overflow in a quantvals and
quantlist calculation (LP: #232150)
- lib/codebook.c: add check for absurdly huge codebooks
- https://trac.xiph. org/changeset/ 14604
- CVE-2008-1423
* Sync rest of patchset with debian package for additional misc security
fixes and validations
- http://patch-tracking. debian. net/package/ libvorbis/ 1.1.2.dfsg- 1.4 - 8. By Kees Cook
-
* SECURITY UPDATE: arbitrary code execution via heap overflow
* lib/{res0,floor1, info}.c: backported upstream changes inline from 1.2.0.
* References
CVE-2007-3106
CVE-2007-4029 - 7. By Kees Cook
-
* SECURITY UPDATE: arbitrary code execution via heap overflow
* lib/res0.c, lib/floor1.c: backported upstream changes inline from 1.2.0.
* References
CVE-2007-3106 - 3. By Chris Cheney
-
* New upstream.
* Improved descriptions. (Closes: #166649)
* Updated DEB_BUILD_OPTIONS support. (Closes: #188464) - 2. By Chris Cheney
-
* New upstream. (Closes: #121995, #123472)
* added autotools target (config.* updater) to rules
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/libvorbis