Multiple flaws have been found in libvorbis. These are fixed via libvorbis
version 1.2.0.
It should be noted that libvorbis 1.2.0 also fixes the issue described in bug
245991.
The id number of each flaw is the subversion commit id. The descriptions were
provided by Chris Montgomery. The libvorbis subversion repository is located here: http://svn.xiph.org/trunk/vorbis
Multiple flaws have been found in libvorbis. These are fixed via libvorbis
version 1.2.0.
It should be noted that libvorbis 1.2.0 also fixes the issue described in bug
245991.
The id number of each flaw is the subversion commit id. The descriptions were svn.xiph. org/trunk/ vorbis
provided by Chris Montgomery. The libvorbis subversion repository is located here:
http://
13217: possible seek infinite loop in libvorbisfile 13154,13155, 13167: residue decode vector overflow [heap read/write]
13215: multiplexed/non Vorbis stream support [heap read, potential heap write]
13211: better return value checking of seeks [heap read, potential heap write]
13179: check legal maximum blocksize [static array read]
13169,13170,13172: correctly handle codebooks with zero entires [heap read/write]
13168: low bitrate static mode declaration error [static read, heap read,
potential heap write]
13151,13153,
13162: static initializer declarations, check-before-free error fixes [heap
read/write]
13149: check legal minimum blocksize [static array read]