Comment 4 for bug 185031

In , Josh (josh-redhat-bugs) wrote :

Multiple flaws have been found in libvorbis. These are fixed via libvorbis
version 1.2.0.

It should be noted that libvorbis 1.2.0 also fixes the issue described in bug
245991.

The id number of each flaw is the subversion commit id. The descriptions were
provided by Chris Montgomery. The libvorbis subversion repository is located here:
http://svn.xiph.org/trunk/vorbis

13217: possible seek infinite loop in libvorbisfile
13215: multiplexed/non Vorbis stream support [heap read, potential heap write]
13211: better return value checking of seeks [heap read, potential heap write]
13179: check legal maximum blocksize [static array read]
13169,13170,13172: correctly handle codebooks with zero entries [heap read/write]
13168: low bitrate static mode declaration error [static read, heap read,
potential heap write]
13151,13153,13154,13155,13167: residue decode vector overflow [heap read/write]
13162: static initializer declarations, check-before-free error fixes [heap
read/write]
13149: check legal minimum blocksize [static array read]