-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 26 May 2008 12:48:06 +0000 Source: libvorbis Binary: libvorbis0a libvorbisenc2 libvorbisfile3 libvorbis-dev Architecture: source i386 Version: 1.2.0.dfsg-3.1 Distribution: unstable Urgency: high Maintainer: Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org> Changed-By: Steffen Joeris <white@debian.org> Description: libvorbis-dev - The Vorbis General Audio Compression Codec (development files) libvorbis0a - The Vorbis General Audio Compression Codec libvorbisenc2 - The Vorbis General Audio Compression Codec libvorbisfile3 - The Vorbis General Audio Compression Codec Closes: 482518 Changes: libvorbis (1.2.0.dfsg-3.1) unstable; urgency=high . * Non-maintainer upload by the security team * Fix integer overflows (and possible DoS attacks) via crafted OGG files (Closes: #482518) Fixes: CVE-2008-1423, CVE-2008-1420, CVE-2008-1419 Checksums-Sha1: 7e30930f75eee0faa1b0046091291fc04276543a 1240 libvorbis_1.2.0.dfsg-3.1.dsc 19c75d4a951d93b09129cd4afe3561cc26ec2472 7756 libvorbis_1.2.0.dfsg-3.1.diff.gz 3a5d8a6e00af5042cb189c625dc11fe65678eb28 100066 libvorbis0a_1.2.0.dfsg-3.1_i386.deb d3c488dd904ed66d0155341091b87ed5f01b56f7 76940 libvorbisenc2_1.2.0.dfsg-3.1_i386.deb 408a6ff91aea8d32fd9b1c7ebbf0436579bfc688 20654 libvorbisfile3_1.2.0.dfsg-3.1_i386.deb 33662bd98970711a40008dfbc4ae722fdeca342d 462118 libvorbis-dev_1.2.0.dfsg-3.1_i386.deb Checksums-Sha256: 1554f8fd5f742d8e43942ac06f21a22417440bcefed5909ac754843cae797369 1240 libvorbis_1.2.0.dfsg-3.1.dsc e677b256fb8fe3de476be305324dbdc3dba332e79a32cca8c5f174be5ab199ac 7756 libvorbis_1.2.0.dfsg-3.1.diff.gz ab2926f9aade0e32db6b898959d8c90e103a7cd74ed91651baec4958b2863e68 100066 libvorbis0a_1.2.0.dfsg-3.1_i386.deb 1a2687243e3518f89eaa183d531dfe5bc06e74134d7688a96a526ac6963f4d50 76940 libvorbisenc2_1.2.0.dfsg-3.1_i386.deb d1cd774b967fdcae09229095aaa6be6355ec56159d8fd5a14f2afe4e2a6a5162 20654 libvorbisfile3_1.2.0.dfsg-3.1_i386.deb 3b9b36f92399379b34b926802aa405e58b2b27a583a2d41018fc7df8208295ef 462118 libvorbis-dev_1.2.0.dfsg-3.1_i386.deb Files: e979e8ed3688c8acf00520ba4fffdca9 1240 libs optional libvorbis_1.2.0.dfsg-3.1.dsc c94aa925033b7f0f788ee51026229681 7756 libs optional libvorbis_1.2.0.dfsg-3.1.diff.gz 64abf5026fb2171e21b75c99ab3818cb 100066 libs optional libvorbis0a_1.2.0.dfsg-3.1_i386.deb 12e191ce8c9af5a54fbabf0b77622faa 76940 libs optional libvorbisenc2_1.2.0.dfsg-3.1_i386.deb 2a6bfacb6d8f3d4b477ea157114bc3a0 20654 libs optional libvorbisfile3_1.2.0.dfsg-3.1_i386.deb 9f1a4cb81cf57889fabfbbc4e3b859fc 462118 libdevel optional libvorbis-dev_1.2.0.dfsg-3.1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIOruA62zWxYk/rQcRAoR5AJ9zEq39OWCfOLdRoDEKrx4YbnhCZACgpxWQ PYDS/OBolbewKuo5bhHFHD4= =o9UI -----END PGP SIGNATURE----- Accepted: libvorbis-dev_1.2.0.dfsg-3.1_i386.deb to pool/main/libv/libvorbis/libvorbis-dev_1.2.0.dfsg-3.1_i386.deb libvorbis0a_1.2.0.dfsg-3.1_i386.deb to pool/main/libv/libvorbis/libvorbis0a_1.2.0.dfsg-3.1_i386.deb libvorbis_1.2.0.dfsg-3.1.diff.gz to pool/main/libv/libvorbis/libvorbis_1.2.0.dfsg-3.1.diff.gz libvorbis_1.2.0.dfsg-3.1.dsc to pool/main/libv/libvorbis/libvorbis_1.2.0.dfsg-3.1.dsc libvorbisenc2_1.2.0.dfsg-3.1_i386.deb to pool/main/libv/libvorbis/libvorbisenc2_1.2.0.dfsg-3.1_i386.deb libvorbisfile3_1.2.0.dfsg-3.1_i386.deb to pool/main/libv/libvorbis/libvorbisfile3_1.2.0.dfsg-3.1_i386.deb
