nixos/nixpkgs.git - Nix Packages collection

diff options

author	Andreas Rammhold <andreas@rammhold.de>	2018-03-17 19:17:56 +0100
committer	Andreas Rammhold <andreas@rammhold.de>	2018-03-17 19:17:56 +0100
commit	879ffc06fe559c0088c87181bb115c862ff55288 (patch)
tree	c6577a5bf0fe06bcf88bd4313afe278ddd2dbe40 /pkgs/development/python-modules/httpserver
parent	879f144d7fb4d49cf2afacbc4e84e045d519c792 (diff)

libvorbis: 1.3.5 -> 1.3.6

This update includes the removed patches (CVE-2017-14632, CVE-2017-14633) and additionally fixes CVE-2018-5146 [1]. The changelog: libvorbis 1.3.6 (2018-03-16) -- "Xiph.Org libVorbis I 20180316 (Now 100% fewer shells)" * Fix CVE-2018-5146 - out-of-bounds write on codebook decoding. * Fix CVE-2017-14632 - free() on unitialized data * Fix CVE-2017-14633 - out-of-bounds read * Fix bitrate metadata parsing. * Fix out-of-bounds read in codebook parsing. * Fix residue vector size in Vorbis I spec. * Appveyor support * Travis CI support * Add secondary CMake build system. * Build system fixes [1] http://seclists.org/oss-sec/2018/q1/243

Diffstat (limited to 'pkgs/development/python-modules/httpserver')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: