Overview

File _patchinfo of Package patchinfo.7657

<patchinfo incident="7657">
  <issue id="1091070" tracker="bnc">VUL-0: CVE-2018-10392: libvorbis: mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate thenumber of channels, which allows remote attackers to cause a denial of service(heap-based buffer overflow or over-read) or p</issue>
  <issue id="2018-10392" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>tiwai</packager>
  <description>This update for libvorbis fixes the following issues:

The following security issue was fixed:

  - Fixed the validation of channels in mapping0_forward(), which previously
    allowed remote attackers to cause a denial of service via specially crafted
    files (CVE-2018-10392, bsc#1091070)
</description>
  <summary>Security update for libvorbis</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places