Red Hat Security Advisory 2018-1058-01 - The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis, a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed format for audio and music at fixed and variable bitrates. Issues addressed include an out of bounds write.
d55714a9eb4ce03079d51114c74f73dc6de05be4c9fa6a2d49adfb3580305eda
Red Hat Security Advisory 2018-0647-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.7.0. Issues addressed include a buffer overflow vulnerability.
957d86557bc84b1dd2569edbabf90e5edcbf056f4a14134dc33d22a5c8904042
Red Hat Security Advisory 2018-0648-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.7.0. Issues addressed include a buffer overflow vulnerability.
736867ed385fcc20caaf720c2a144f2c0d8e0bcce0c2b8f560ac32a84eac0bdf
Red Hat Security Advisory 2018-0649-01 - The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis, a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed format for audio and music at fixed and variable bitrates. Issues addressed include an out of bounds write.
aea974d9e940d481415562ca98b4bed0b6d5dbe1d52676b632f079f2d742836e
Ubuntu Security Notice 3545-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code.
224eb639e89a0e0e9b41d98f94d9e07dffd8b347db6de93404cf4a345f4ee0f3
Debian Linux Security Advisory 4155-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or information disclosure.
c0a81df393cb47344f541e2352dcd5ca3d263e96d1f8ad46257af1327d4b9bff
Ubuntu Security Notice 3604-1 - Richard Zhu discovered that libvorbis incorrectly handled certain sound files. An attacker could use this to cause libvorbis to crash, resulting in a denial or service, or possibly execute arbitrary code.
0f9ff2cdeecb8cc4d2a898709c8507ddce8da29f88a7fa316e533695fbe0ec36
Red Hat Security Advisory 2018-0549-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 52.7.2 ESR. Issues addressed include an out of bounds write.
48498289e17b1230ed7d1b4309c0787b707c2650192b123c36e665026e887089
Slackware Security Advisory - New libvorbis packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
319e8cb18319e94e18b23a827f3a536cf699a213d5337f597618cc27dd026992
Debian Linux Security Advisory 4143-1 - Richard Zhu and Huzaifa Sidhpurwala discovered that an out-of-bounds memory write when playing Vorbis media files could result in the execution of arbitrary code.
ae578097448b181069464aaacea1cd098476dd78446feaa86438e6cee725f8df
Ubuntu Security Notice 3599-1 - An out-of-bounds write was discovered when processing Vorbis audio data. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to cause a denial of service, or execute arbitrary code.
74623c853756f6de684fc74b421b85b7ca2096d1e93c3538b218968e1cfc2a0b
Debian Linux Security Advisory 4140-1 - Richard Zhu discovered that an out-of-bounds memory write in the codeboook parsing code of the Libvorbis multimedia library could result in the execution of arbitrary code.
2e27e2cb43e4f20639ed09a1f5297eedf7e847d994cbd64a6a66b4a552c33d5c