-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 02 Jul 2017 20:53:04 +0200 Source: vorbis-tools Binary: vorbis-tools vorbis-tools-dbg Architecture: source amd64 Version: 1.4.0-1+deb7u1 Distribution: wheezy-security Urgency: medium Maintainer: Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org> Changed-By: Petter Reinholdtsen <pere@debian.org> Description: vorbis-tools - several Ogg Vorbis tools vorbis-tools-dbg - several Ogg Vorbis tools (debug files) Closes: 771363 776086 797461 Changes: vorbis-tools (1.4.0-1+deb7u1) wheezy-security; urgency=medium . * oggenc: Fix large alloca on bad AIFF input to oggenc (CVE-2015-6749) (Closes: 797461). * oggenc: Validate count of channels in the header (CVE-2014-9638, CVE-2014-9639). (Closes: 776086) * Fix oggenc crash on closing raw input files by backporting r19117 from upstream (CVE-2014-9640) (Closes: #771363). Checksums-Sha1: b324ffdb4b6dabc5b1973b2c1ae1162686384779 2071 vorbis-tools_1.4.0-1+deb7u1.dsc fc6a820bdb5ad6fcac074721fab5c3f96eaf6562 1346532 vorbis-tools_1.4.0.orig.tar.gz eebfe1272ccc966049c390d31eed5bd20881cc6d 8321 vorbis-tools_1.4.0-1+deb7u1.diff.gz 265ae04500bc8dbf91acd0575eea4a21f9930fa1 289836 vorbis-tools_1.4.0-1+deb7u1_amd64.deb f5fc62747eb18cd66de967dd4bcbc519322757d7 265670 vorbis-tools-dbg_1.4.0-1+deb7u1_amd64.deb Checksums-Sha256: 047b9ca930821388a18506779dacd064a855fb894fa77a091cccebfe19901d05 2071 vorbis-tools_1.4.0-1+deb7u1.dsc a389395baa43f8e5a796c99daf62397e435a7e73531c9f44d9084055a05d22bc 1346532 vorbis-tools_1.4.0.orig.tar.gz 3965929a49b1e29e69c9c96d82f77c588c03e56bfab599deccbd4f7388b725cd 8321 vorbis-tools_1.4.0-1+deb7u1.diff.gz 212a4f75701447a4651e9663f3db4eb46cd30a4ef752e7732c0006fbc2b978ae 289836 vorbis-tools_1.4.0-1+deb7u1_amd64.deb c5bb125a1d3feae999428a28303d852e3417601b1c5d4015e02c6e7b5242eef9 265670 vorbis-tools-dbg_1.4.0-1+deb7u1_amd64.deb Files: 07fcc319091a0fdd0c3f0d7b365da4de 2071 sound optional vorbis-tools_1.4.0-1+deb7u1.dsc 567e0fb8d321b2cd7124f8208b8b90e6 1346532 sound optional vorbis-tools_1.4.0.orig.tar.gz b7a24c2d9df01887a1d4d8a5311cc525 8321 sound optional vorbis-tools_1.4.0-1+deb7u1.diff.gz d4a7a436ef16ee8f0b9613a865eebe0a 289836 sound optional vorbis-tools_1.4.0-1+deb7u1_amd64.deb 7a08b76341289bd81f7305797dd5517b 265670 debug extra vorbis-tools-dbg_1.4.0-1+deb7u1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJZWWlsAAoJEIEoCqCHuvsOGl0P/jhZui3ZfEAo3OtazjCnXzVT F0ALeoHoKDVaELbJrWBsB+k0vmKRuHizuTbsvecXG9Vgbp5KMRq+OmZ4XOTyOFZp bB4qLoyXAKaFOjADdXCRnNMl42ouVi1ONSK9OZpGCNFR819jPedftzY8Dv3F5qw7 SQtCbkeYQLCuCrIG4T+fOWrpOFPAYMc0tIcRIytM5dh+gh2nqQqVq42QQNl2NwvZ ZjunPeAJVLuO4KaIONiY+zzVayrnnaT2bemQZVC/S/4BiaTQruSTaZVN4dA+CRGA QcP5uWXzRZpdkf3hGxw1qSdkwK2fCyOMMrBtPYjVKJfpQtuzD38aaoN40TVJR9V0 gMkA9KUg6lwfRSrVcn3j94b3gSdDEKXPLp0uz9enLdXUuBqb12u4XmXmeXe79eh2 odJ+kQ5AEuxx+jPlNzLuvT0f/WSrdo4Iy+0B1micT+X+zCFa5dCkfqJv8pbkdZcP 2BcMYoTriCALA1ESYVwwQPveF2OZMtSZrUz0TazEiSPDMu6odTa6wjg5VCfLLBO9 G2nfO7j8thN4GYVFAcfFhNw2qVcJ4J15OYa5uNGuqmlVj/DDbspN2k+uAqbvGk5V rhiJxfdVL1gh31g8tDgFaRDu+GRnWzwCrWxlnRLSH7thjbquCbli/N6xJvcOukNp vXCi1zD1nLtDjWhV3e54 =gnz9 -----END PGP SIGNATURE-----
