[ MDVSA-2015:037 ] vorbis-tools

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:037
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : vorbis-tools
 Date    : February 6, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated vorbis-tools package fixes security vulnerability:
 
 oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to
 cause a denial of service (out-of-bounds read) via a crafted raw file
 (CVE-2014-9640).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9640
 http://advisories.mageia.org/MGASA-2015-0051.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Business

007 Software

[ MDVSA-2015:037 ] vorbis-tools

Leave a Reply Cancel reply

Software and Security Information