Several vulnerabilities were found in the Vorbis General Audio Compression Codec, which may lead to denial of service or the execution of arbitrary code, if a user is tricked into opening a malformed Ogg Audio file with an application linked against libvorbis. For the old stable distribution (sarge), these problems have been fixed in version 1.1.0-2. For the stable distribution (etch), these problems have been fixed in version 1.1.2.dfsg-1.3. For the unstable distribution (sid), these problems have been fixed in version 1.2.0.dfsg-1. We recommend that you upgrade your libvorbis packages.
Several vulnerabilities were found in the Vorbis General Audio Compression Codec, which may lead to denial of service or the execution of arbitrary code, if a user is tricked into opening a malformed Ogg Audio file with an application linked against libvorbis.
For the old stable distribution (sarge), these problems have been fixed in version 1.1.0-2.
For the stable distribution (etch), these problems have been fixed in version 1.1.2.dfsg-1.3.
For the unstable distribution (sid), these problems have been fixed in version 1.2.0.dfsg-1.
We recommend that you upgrade your libvorbis packages.
MD5 checksums of the listed files are available in the original advisory.