Secunia Security Advisory - Mandriva has issued an update for libvorbis. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
68a13845c2ec0784287b3a937c2a6ebb4362be9a8683906a3da3878a79bf7989
----------------------------------------------------------------------
Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.
The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,700 different Windows applications.
Request your account, the Secunia Network Software Inspector (NSI):
http://secunia.com/network_software_inspector/
----------------------------------------------------------------------
TITLE:
Mandriva update for libvorbis
SECUNIA ADVISORY ID:
SA27170
VERIFY ADVISORY:
http://secunia.com/advisories/27170/
CRITICAL:
Moderately critical
IMPACT:
DoS, System access
WHERE:
>From remote
OPERATING SYSTEM:
Mandriva Linux 2007
http://secunia.com/product/12165/
DESCRIPTION:
Mandriva has issued an update for libvorbis. This fixes some
vulnerabilities, which can be exploited by malicious people to cause
a DoS (Denial of Service) or potentially compromise an application
using the library.
For more information:
SA26232
SOLUTION:
Apply updated packages.
-- Mandriva Linux 2007.0 --
d41be27509ec3be88b202966d4a59550
2007.0/i586/libvorbis0-1.1.2-1.2mdv2007.0.i586.rpm
e75b4f86a4c5d58f77373d50fbea8768
2007.0/i586/libvorbis0-devel-1.1.2-1.2mdv2007.0.i586.rpm
23f95877a057ba9cec80183affdbcd26
2007.0/i586/libvorbisenc2-1.1.2-1.2mdv2007.0.i586.rpm
5f32c9d9d23d2cca8814ad11c6992695
2007.0/i586/libvorbisfile3-1.1.2-1.2mdv2007.0.i586.rpm
3307e950d4b3918d358e9b82df6001cf
2007.0/SRPMS/libvorbis-1.1.2-1.2mdv2007.0.src.rpm
-- Mandriva Linux 2007.0/X86_64 --
402d3b03c86b0137011d1e46b51c5882
2007.0/x86_64/lib64vorbis0-1.1.2-1.2mdv2007.0.x86_64.rpm
f2ac23af2f02fa7ae18eff8251a7187f
2007.0/x86_64/lib64vorbis0-devel-1.1.2-1.2mdv2007.0.x86_64.rpm
26edae58c4d13b1d3231eb5dc1560dac
2007.0/x86_64/lib64vorbisenc2-1.1.2-1.2mdv2007.0.x86_64.rpm
63e13185eeaa037dbc4fc583b85c0143
2007.0/x86_64/lib64vorbisfile3-1.1.2-1.2mdv2007.0.x86_64.rpm
3307e950d4b3918d358e9b82df6001cf
2007.0/SRPMS/libvorbis-1.1.2-1.2mdv2007.0.src.rpm
ORIGINAL ADVISORY:
http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066525.html
OTHER REFERENCES:
SA26232:
http://secunia.com/advisories/26232/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------