Advisories ยป MGASA-2015-0353

Updated vorbis-tools packages fix CVE-2015-6749

Publication date: 08 Sep 2015
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-6749

Description

Updated vorbis-tools package fixes security vulnerability:

A buffer overread is possible in vorbis-tools in oggenc/audio.c when opening a
specially crafted AIFF file (CVE-2015-6749).
                

References

SRPMS

4/core

5/core