libvorbis: CVE-2017-14632 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Tanu Kaskinen <tanuk@iki.fi>	2018-03-20 10:50:23 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2018-03-25 09:40:42 +0100
commit	399200d3a37dda6ad445612ea51ba52134f22561 (patch)
tree	7e2f6a11021d193acc79f4dcef79f2d1edbd998f /meta/conf/distro/include/maintainers.inc
parent	d345c67168805e75938572a35d4f69236bfd8cb9 (diff)
download	poky-399200d3a37dda6ad445612ea51ba52134f22561.tar.gz

libvorbis: CVE-2017-14632

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632 (From OE-Core rev: 5786e39e040f241f6bade29ba2ce61b7715e1b66) Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/conf/distro/include/maintainers.inc')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: