Launchpad has imported 3 comments from the remote bug at https://bugzilla.redhat.com/show_bug.cgi?id=249780.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking.

------------------------------------------------------------------------
On 2007-07-26T23:23:55+00:00 Josh wrote:

Multiple flaws have been found in libvorbis. These are fixed via libvorbis version 1.2.0. It should be noted that libvorbis 1.2.0 also fixes the issue described in bug 245991.

The id number of each flaw is the subversion commit id. The descriptions were provided by Chris Montgomery. The libvorbis subversion repository is located here: http://svn.xiph.org/trunk/vorbis

13217: possible seek infinite loop in libvorbisfile
13215: multiplexed/non Vorbis stream support [heap read, potential heap write]
13211: better return value checking of seeks [heap read, potential heap write]
13179: check legal maximum blocksize [static array read]
13169,13170,13172: correctly handle codebooks with zero entries [heap read/write]
13168: low bitrate static mode declaration error [static read, heap read, potential heap write]
13151,13153,13154,13155,13167: residue decode vector overflow [heap read/write]
13162: static initializer declarations, check-before-free error fixes [heap read/write]
13149: check legal minimum blocksize [static array read]

Reply at: https://bugs.launchpad.net/ubuntu/+source/libvorbis/+bug/185031/comments/0

------------------------------------------------------------------------
On 2007-08-20T20:09:54+00:00 Josh wrote:

Here is the breakdown of CVE id to libvorbis commit id mapping:

CVE-2007-4065: 13217 (infinite loop)

CVE-2007-4029 covers 2 issues with unknown commit IDs. According to Monty these two issues are the commit ids: 13151, 13154, 13155, 13167 and 13149, 13153, 13179

CVE-2007-4066: multiple flaws
13215: multiplexed/non Vorbis stream support [heap read, potential heap write]
13211: better return value checking of seeks [heap read, potential heap write]
13169,13170,13172: correctly handle codebooks with zero entries [heap read/write]
13168: low bitrate static mode declaration error [static read, heap read, potential heap write]
13162: static initializer declarations, check-before-free error fixes [heap read/write]

Reply at: https://bugs.launchpad.net/ubuntu/+source/libvorbis/+bug/185031/comments/1

------------------------------------------------------------------------
On 2008-01-17T15:47:49+00:00 Red wrote:

This issue was addressed in:

Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2007-0845.html
http://rhn.redhat.com/errata/RHSA-2007-0912.html

Fedora:
https://admin.fedoraproject.org/updates/F7/FEDORA-2007-1765

Reply at: https://bugs.launchpad.net/ubuntu/+source/libvorbis/+bug/185031/comments/2

** Changed in: libvorbis (Fedora)
   Importance: Unknown => High

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-4029

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-4065

--
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/185031

Title:
  [libvorbis] [CVE-2007-4066] multiple buffer overflows in libvorbis before 1.2.0
