File _patchinfo of Package patchinfo.8108

<patchinfo incident="8108">
  <issue id="1091072" tracker="bnc">VUL-0: CVE-2018-10393: libvorbis: bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-basedbuffer over-read.</issue>
  <issue id="1059812" tracker="bnc">VUL-0: CVE-2017-14160: libvorbis: out-of-bounds access inside bark_noise_hybridmp function in psy.c</issue>
  <issue id="2018-10393" tracker="cve" />
  <issue id="2017-14160" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>tiwai</packager>
  <description>This update for libvorbis fixes the following issues:

Security issues fixed:

- CVE-2018-10393: Fixed stack-based buffer over-read in bark_noise_hybridm (bsc#1091072).
- CVE-2017-14160: Fixed out-of-bounds access inside bark_noise_hybridmp function (bsc#1059812).

This update was imported from the SUSE:SLE-12:Update update project.</description>
  <summary>Security update for libvorbis</summary>
</patchinfo>
Places

File _patchinfo of Package patchinfo.8108

Places
