Description:
The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis, a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed format for audio and music at fixed and variable bitrates.
Security Fix(es):
* libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392)
* libvorbis: stack buffer overflow in bark_noise_hybridmp function (CVE-2018-10393)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
libvorbis-devel-1.3.6-2.el8.aarch64.rpm |
0c596e145bc54ea6df927f7e74bd83621e31f547afe114fb40856ff50416dfb7 |
| aarch64 |
libvorbis-1.3.6-2.el8.aarch64.rpm |
b10c8f96d4347deb9104410ef0e81ffca909121555087b2c1e4fa1a75cb8f40b |
| i686 |
libvorbis-devel-1.3.6-2.el8.i686.rpm |
59f90e24c9d7dbfc5a61a7595f604f61de0203f320ede4d80de557cc8ad4afdb |
| i686 |
libvorbis-1.3.6-2.el8.i686.rpm |
6d6cdf2431eb293d42d1e724a25d43cde6c16ed622b6c389907cd777f14c6a05 |
| noarch |
libvorbis-devel-docs-1.3.6-2.el8.noarch.rpm |
8fed9a09938ee9f62ed4514fddbdbef65fb3e1330056f8b34c22f8ef59f15a78 |
| ppc64le |
libvorbis-devel-1.3.6-2.el8.ppc64le.rpm |
3bcb05839c54e57f418e2205de292e13ac8e9ef5bc49fabed582b1c975356918 |
| ppc64le |
libvorbis-1.3.6-2.el8.ppc64le.rpm |
7619ea2f81705be4757b8ed9b51840e4f39aad2fa4ecc25756eaabdbd33664c9 |
| x86_64 |
libvorbis-devel-1.3.6-2.el8.x86_64.rpm |
2951501abde71deb9f5f382c2a1b79634832936bf99a2f85c488c170f723b822 |
| x86_64 |
libvorbis-1.3.6-2.el8.x86_64.rpm |
9ecabb1ee69662e028c90a90b24e094745849cda3f0bb6591450ad9194ded552 |
