RHSA-2019:3703-01 -- Redhat libvorbisID: oval:org.secpod.oval:def:66497 | Date: (C)2020-10-30 (M)2022-10-10 |
Class: PATCH | Family: unix |
The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis, a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed format for audio and music at fixed and variable bitrates. Security Fix: * libvorbis: heap buffer overflow in mapping0_forward function * libvorbis: stack buffer overflow in bark_noise_hybridmp function For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the CentOS 8.1 Release Notes linked from the References section.