svn commit: r396535 - head/security/vuxml
Christian Weisgerber
naddy at FreeBSD.org
Wed Sep 9 20:41:24 UTC 2015
Author: naddy
Date: Wed Sep 9 20:41:22 2015
New Revision: 396535
URL: https://svnweb.freebsd.org/changeset/ports/396535
Log:
Expand a35f415d-572a-11e5-b0a4-f8b156b6dcc8:
multiple vulnerabilities in audio/vorbis-tools and audio/opus-tools
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Wed Sep 9 20:37:44 2015 (r396534)
+++ head/security/vuxml/vuln.xml Wed Sep 9 20:41:22 2015 (r396535)
@@ -59,15 +59,32 @@ Notes:
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
<vuln vid="a35f415d-572a-11e5-b0a4-f8b156b6dcc8">
- <topic>vorbis-tools -- oggenc buffer overflow</topic>
+ <topic>vorbis-tools, opus-tools -- multiple vulnerabilities</topic>
<affects>
<package>
<name>vorbis-tools</name>
- <range><lt>1.4.0_9,3</lt></range>
+ <range><lt>1.4.0_10,3</lt></range>
+ </package>
+ <package>
+ <name>opus-tools</name>
+ <range><lt>0.1.9_2</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Paris Zoumpouloglou reports:</p>
+ <blockquote cite="https://trac.xiph.org/ticket/2136">
+ <p>I discovered an integer overflow issue in oggenc,
+ related to the number of channels in the input WAV file.
+ The issue triggers an out-of-bounds memory access which
+ causes oggenc to crash.</p>
+ </blockquote>
+ <p>Paris Zoumpouloglou reports:</p>
+ <blockquote cite="https://trac.xiph.org/ticket/2136">
+ <p>A crafted WAV file with number of channels set to 0
+ will cause oggenc to crash due to a division by zero
+ issue.</p>
+ </blockquote>
<p>pengsu reports:</p>
<blockquote cite="https://trac.xiph.org/ticket/2212">
<p>I discovered an buffer overflow issue in oggenc/audio.c
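Review bot: The second added blockquote (the division-by-zero report for a WAV file with 0 channels) carries cite="https://trac.xiph.org/ticket/2136", the same value as the integer overflow quote just above it, while the references part of this commit adds both ticket/2136 and ticket/2137, so nothing in the description cites 2137. One of the two cite attributes most likely should point at https://trac.xiph.org/ticket/2137. Separately, opus-tools is added to the affects list with a range below 0.1.9_2, but every quoted report names only oggenc; a short sentence in the body saying which of these issues apply to opus-tools would make the entry self-explanatory.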
@@ -76,13 +93,18 @@ Notes:
</body>
</description>
<references>
- <url>https://trac.xiph.org/ticket/2212</url>
<freebsdpr>ports/202941</freebsdpr>
+ <url>https://trac.xiph.org/ticket/2136</url>
+ <cvename>CVE-2014-9639</cvename>
+ <url>https://trac.xiph.org/ticket/2137</url>
+ <cvename>CVE-2014-9638</cvename>
+ <url>https://trac.xiph.org/ticket/2212</url>
<cvename>CVE-2015-6749</cvename>
</references>
<dates>
<discovery>2015-08-08</discovery>
<entry>2015-09-09</entry>
+ <modified>2015-09-09</modified>
</dates>
</vuln>
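Review bot: The discovery element stays at 2015-08-08 even though the entry now also covers CVE-2014-9639 and CVE-2014-9638, whose identifiers come from the 2014 series. After the merge the discovery date should be the earliest date among the issues, so it is worth checking against tickets 2136 and 2137 and moving the date back if they predate 2015-08-08. The added modified element equal to the entry date is fine for a same-day expansion.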