Overview

File _patchinfo of Package patchinfo.6346

<patchinfo incident="6346">
  <issue id="1059809" tracker="bnc">VUL-0: CVE-2017-14632: libvorbis: Remote Code Execution upon freeing uninitialized memory in function vorbis_analysis_headerout()</issue>
  <issue id="1059811" tracker="bnc">VUL-0: CVE-2017-14633: libvorbis: out-of-bounds array read vulnerability exists in function mapping0_forward()</issue>
  <issue id="2017-14633" tracker="cve" />
  <issue id="2017-14632" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>tiwai</packager>
  <description>This update for libvorbis fixes the following issues:

- CVE-2017-14633: out-of-bounds array read vulnerability exists in
  function mapping0_forward() could lead to remote denial of service (bsc#1059811)
- CVE-2017-14632: Remote Code Execution upon freeing uninitialized
  memory in function vorbis_analysis_headerout(bsc#1059809)
</description>
  <summary>Security update for libvorbis</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places