It was discovered that a heap overflow in the Vorbis audio compression library could lead to the execution of arbitrary code if a malformed Ogg Vorbis file is processed. For the stable distribution (squeeze), this problem has been fixed in version 1.3.1-1+squeeze1. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your libvorbis packages.
It was discovered that a heap overflow in the Vorbis audio compression library could lead to the execution of arbitrary code if a malformed Ogg Vorbis file is processed.
For the stable distribution (squeeze), this problem has been fixed in version 1.3.1-1+squeeze1.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your libvorbis packages.