Security update for libvorbis
This update for libvorbis fixes the following issues:
Security issues fixed:
- CVE-2018-10393: Fixed stack-based buffer over-read in bark_noise_hybridm (bsc#1091072).
- CVE-2017-14160: Fixed out-of-bounds access inside bark_noise_hybridmp function (bsc#1059812).
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Takashi Iwai (tiwai)
Fixed bugs
bnc#1091072
VUL-0: CVE-2018-10393: libvorbis: bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-basedbuffer over-read.
bnc#1059812
VUL-0: CVE-2017-14160: libvorbis: out-of-bounds access inside bark_noise_hybridmp function in psy.c
