registry team mailing list archive

Thread
Date

[Bug 218652] Re: CVE-2008-1686: Multiple speex implementations insufficient boundary checks

To: registry@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <218652@xxxxxxxxxxxxxxxxxx>
Date: Wed, 07 Jul 2010 16:11:27 -0000
Reply-to: Bug 218652 <218652@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package libfishsound - 0.7.0-2.1ubuntu0.1

---------------
libfishsound (0.7.0-2.1ubuntu0.1) hardy-security; urgency=low

  [ Brian Thomason ]
  * SECURITY UPDATE: uncontrolled array index (LP: #218652)
  - src/libfishsound/speex.c - Added check for negative offset.
    Based on Debian patch.
  - CVE-2008-1686

  [ Jamie Strandboge ]
  * debian/control: adjust section from 'unknown' to 'sound'
 -- Brian Thomason <brian.thomason@xxxxxxxxxxxxx>   Tue, 29 Jun 2010 16:24:03 -0400

** Changed in: libfishsound (Ubuntu Hardy)
       Status: Fix Committed => Fix Released

-- 
CVE-2008-1686: Multiple speex implementations insufficient boundary checks
https://bugs.launchpad.net/bugs/218652
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for vorbis-tools.