Mageia: 2019-0059 Moderate: libvorbis Memory Exhaustion & NULL Pointer Bug
mageia
January 31, 2019
The vorbis library version 1.3.6 fix security vulnerabilities: - CVE-2017-11735 libvorbis: NULL pointer dereference in vorbis_block_clear function in lib/block.c - CVE-2017-11333...
Summary
The vorbis library version 1.3.6 fix security vulnerabilities:
- CVE-2017-11735 libvorbis: NULL pointer dereference in
vorbis_block_clear function in lib/block.c
- CVE-2017-11333 libvorbis: Memory exhaustion in vorbis_analysis_wrote
function in lib/block.c
References
- https://bugs.mageia.org/show_bug.cgi?id=24252
- - http://lists.suse.com/pipermail/sle-security-updates/2018-June/004158.html
- - https://www.cve.org/CVERecord?id=CVE-2017-11735
- https://www.cve.org/CVERecord?id=CVE-2017-11333
Topics Covered
Resolution
SRPMS
- 6/core/libvorbis-1.3.6-1.mga6
PREVIOUS
NEXT
Publication date: 31 Jan 2019
URL: https://advisories.mageia.org/MGASA-2019-0059.html
Type: security
CVE: CVE-2017-11735,
CVE-2017-11333
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!