RHSA-2007:0845-02 Important: libvorbis security update
Posted on: 09/19/2007 06:30 PM

A new update is available for Red Hat Enterprise Linux. Here the announcement:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: libvorbis security update
Advisory ID: RHSA-2007:0845-02
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0845.html
Issue date: 2007-09-19
Updated on: 2007-09-19
Product: Red Hat Enterprise Linux
CVE Names: CVE-2007-3106 CVE-2007-4029 CVE-2007-4065
CVE-2007-4066
- ---------------------------------------------------------------------

1. Summary:

Updated libvorbis packages to correct several security issues are now
available for Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

The libvorbis package contains runtime libraries for use in programs that
support Ogg Voribs. Ogg Vorbis is a fully open, non-proprietary, patent-and
royalty-free, general-purpose compressed audio format.

Several flaws were found in the way libvorbis processed audio data. An
attacker could create a carefully crafted OGG audio file in such a way that
it could cause an application linked with libvorbis to crash or execute
arbitrary code when it was opened. (CVE-2007-3106, CVE-2007-4029,
CVE-2007-4065, CVE-2007-4066)

Users of libvorbis are advised to upgrade to this updated package, which
contains backported patches that resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

245991 - CVE-2007-3106 libvorbis array boundary condition
249780 - CVE-2007-4065 Multiple libvorbis flaws (CVE-2007-4066, CVE-2007-4029)

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/libvorbis-1.0-8.el3.src.rpm
8107795ecfc5fcf28ac0038c2043d29a libvorbis-1.0-8.el3.src.rpm

i386:
95038ec2657791a93747742300738b02 libvorbis-1.0-8.el3.i386.rpm
3f75951d0a783b810eec5ffab01797cd libvorbis-debuginfo-1.0-8.el3.i386.rpm
c5ba155cc3ff3b298152ba00b43e254a libvorbis-devel-1.0-8.el3.i386.rpm

ia64:
95038ec2657791a93747742300738b02 libvorbis-1.0-8.el3.i386.rpm
cb56c38c287ea8c5073d264e79989e96 libvorbis-1.0-8.el3.ia64.rpm
3f75951d0a783b810eec5ffab01797cd libvorbis-debuginfo-1.0-8.el3.i386.rpm
8181e214a804af34d9f1337bd6959b35 libvorbis-debuginfo-1.0-8.el3.ia64.rpm
bb6b80dee9560555f99d61a2ac697f9f libvorbis-devel-1.0-8.el3.ia64.rpm

ppc:
f983629809912bfa70e955bfc309e594 libvorbis-1.0-8.el3.ppc.rpm
322dbf918fd05cc43f1b79f383cc4b58 libvorbis-1.0-8.el3.ppc64.rpm
1e846932690173cf3bc281287ea852af libvorbis-debuginfo-1.0-8.el3.ppc.rpm
0beda1ac436c6328ed3457e51c1c3b99 libvorbis-debuginfo-1.0-8.el3.ppc64.rpm
61aeb1d9554a503a1ea442542b06fafd libvorbis-devel-1.0-8.el3.ppc.rpm

s390:
e2955cca69c5a52c2aa9cda3edcbfe0e libvorbis-1.0-8.el3.s390.rpm
86cfd74265a10c4674ea8e4cdf677815 libvorbis-debuginfo-1.0-8.el3.s390.rpm
2f36e33ee1275c6c83dc55892f7de265 libvorbis-devel-1.0-8.el3.s390.rpm

s390x:
e2955cca69c5a52c2aa9cda3edcbfe0e libvorbis-1.0-8.el3.s390.rpm
f3c4c5de67e97827b2e5a2bea359eff8 libvorbis-1.0-8.el3.s390x.rpm
86cfd74265a10c4674ea8e4cdf677815 libvorbis-debuginfo-1.0-8.el3.s390.rpm
7d9f57decb316e9faba1e4e0e70a8973 libvorbis-debuginfo-1.0-8.el3.s390x.rpm
50075035cec0612d50035bd834f5b49d libvorbis-devel-1.0-8.el3.s390x.rpm

x86_64:
95038ec2657791a93747742300738b02 libvorbis-1.0-8.el3.i386.rpm
bd59c6d510084642a568686dc1612705 libvorbis-1.0-8.el3.x86_64.rpm
3f75951d0a783b810eec5ffab01797cd libvorbis-debuginfo-1.0-8.el3.i386.rpm
543e8b0a3e3f5eab6af334349e5d00fe libvorbis-debuginfo-1.0-8.el3.x86_64.rpm
fe92d7b73cb2f515b1a148621bd09b71 libvorbis-devel-1.0-8.el3.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/libvorbis-1.0-8.el3.src.rpm
8107795ecfc5fcf28ac0038c2043d29a libvorbis-1.0-8.el3.src.rpm

i386:
95038ec2657791a93747742300738b02 libvorbis-1.0-8.el3.i386.rpm
3f75951d0a783b810eec5ffab01797cd libvorbis-debuginfo-1.0-8.el3.i386.rpm
c5ba155cc3ff3b298152ba00b43e254a libvorbis-devel-1.0-8.el3.i386.rpm

x86_64:
95038ec2657791a93747742300738b02 libvorbis-1.0-8.el3.i386.rpm
bd59c6d510084642a568686dc1612705 libvorbis-1.0-8.el3.x86_64.rpm
3f75951d0a783b810eec5ffab01797cd libvorbis-debuginfo-1.0-8.el3.i386.rpm
543e8b0a3e3f5eab6af334349e5d00fe libvorbis-debuginfo-1.0-8.el3.x86_64.rpm
fe92d7b73cb2f515b1a148621bd09b71 libvorbis-devel-1.0-8.el3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/libvorbis-1.0-8.el3.src.rpm
8107795ecfc5fcf28ac0038c2043d29a libvorbis-1.0-8.el3.src.rpm

i386:
95038ec2657791a93747742300738b02 libvorbis-1.0-8.el3.i386.rpm
3f75951d0a783b810eec5ffab01797cd libvorbis-debuginfo-1.0-8.el3.i386.rpm
c5ba155cc3ff3b298152ba00b43e254a libvorbis-devel-1.0-8.el3.i386.rpm

ia64:
95038ec2657791a93747742300738b02 libvorbis-1.0-8.el3.i386.rpm
cb56c38c287ea8c5073d264e79989e96 libvorbis-1.0-8.el3.ia64.rpm
3f75951d0a783b810eec5ffab01797cd libvorbis-debuginfo-1.0-8.el3.i386.rpm
8181e214a804af34d9f1337bd6959b35 libvorbis-debuginfo-1.0-8.el3.ia64.rpm
bb6b80dee9560555f99d61a2ac697f9f libvorbis-devel-1.0-8.el3.ia64.rpm

x86_64:
95038ec2657791a93747742300738b02 libvorbis-1.0-8.el3.i386.rpm
bd59c6d510084642a568686dc1612705 libvorbis-1.0-8.el3.x86_64.rpm
3f75951d0a783b810eec5ffab01797cd libvorbis-debuginfo-1.0-8.el3.i386.rpm
543e8b0a3e3f5eab6af334349e5d00fe libvorbis-debuginfo-1.0-8.el3.x86_64.rpm
fe92d7b73cb2f515b1a148621bd09b71 libvorbis-devel-1.0-8.el3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/libvorbis-1.0-8.el3.src.rpm
8107795ecfc5fcf28ac0038c2043d29a libvorbis-1.0-8.el3.src.rpm

i386:
95038ec2657791a93747742300738b02 libvorbis-1.0-8.el3.i386.rpm
3f75951d0a783b810eec5ffab01797cd libvorbis-debuginfo-1.0-8.el3.i386.rpm
c5ba155cc3ff3b298152ba00b43e254a libvorbis-devel-1.0-8.el3.i386.rpm

ia64:
95038ec2657791a93747742300738b02 libvorbis-1.0-8.el3.i386.rpm
cb56c38c287ea8c5073d264e79989e96 libvorbis-1.0-8.el3.ia64.rpm
3f75951d0a783b810eec5ffab01797cd libvorbis-debuginfo-1.0-8.el3.i386.rpm
8181e214a804af34d9f1337bd6959b35 libvorbis-debuginfo-1.0-8.el3.ia64.rpm
bb6b80dee9560555f99d61a2ac697f9f libvorbis-devel-1.0-8.el3.ia64.rpm

x86_64:
95038ec2657791a93747742300738b02 libvorbis-1.0-8.el3.i386.rpm
bd59c6d510084642a568686dc1612705 libvorbis-1.0-8.el3.x86_64.rpm
3f75951d0a783b810eec5ffab01797cd libvorbis-debuginfo-1.0-8.el3.i386.rpm
543e8b0a3e3f5eab6af334349e5d00fe libvorbis-debuginfo-1.0-8.el3.x86_64.rpm
fe92d7b73cb2f515b1a148621bd09b71 libvorbis-devel-1.0-8.el3.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/libvorbis-1.1.0-2.el4.5.src.rpm
69c599823f0af348e0f372b386e9bd80 libvorbis-1.1.0-2.el4.5.src.rpm

i386:
0dc97da60bc803c5f7ecd78ec1befd15 libvorbis-1.1.0-2.el4.5.i386.rpm
1a60d973df4fab6adeceba02312ff38a libvorbis-debuginfo-1.1.0-2.el4.5.i386.rpm
22a0a747a347907126a4973bf127648b libvorbis-devel-1.1.0-2.el4.5.i386.rpm

ia64:
0dc97da60bc803c5f7ecd78ec1befd15 libvorbis-1.1.0-2.el4.5.i386.rpm
df79ceec009e33f8e4d19af3270df7c7 libvorbis-1.1.0-2.el4.5.ia64.rpm
1a60d973df4fab6adeceba02312ff38a libvorbis-debuginfo-1.1.0-2.el4.5.i386.rpm
2fe6904305d78d37511da37c90914475 libvorbis-debuginfo-1.1.0-2.el4.5.ia64.rpm
95783ef5a4d515933db7d9d6347225d9 libvorbis-devel-1.1.0-2.el4.5.ia64.rpm

ppc:
86f0d999727257eda58e1278b3f21dbd libvorbis-1.1.0-2.el4.5.ppc.rpm
419259ae33a85ddd6314643d84f76f4d libvorbis-1.1.0-2.el4.5.ppc64.rpm
b97820aa5cf7949d20d78b69cd81152a libvorbis-debuginfo-1.1.0-2.el4.5.ppc.rpm
90437a3ab4a82ee94d276d24ef70b723 libvorbis-debuginfo-1.1.0-2.el4.5.ppc64.rpm
ba0c50ac7a6b1152deea9765af6ecd5b libvorbis-devel-1.1.0-2.el4.5.ppc.rpm

s390:
4f190e865d5004af3cdb88a76b2305a4 libvorbis-1.1.0-2.el4.5.s390.rpm
7c7a9228170aa82ad717ca84afdafca5 libvorbis-debuginfo-1.1.0-2.el4.5.s390.rpm
995b8c27ef4bfd8b676a436d3668a2ae libvorbis-devel-1.1.0-2.el4.5.s390.rpm

s390x:
4f190e865d5004af3cdb88a76b2305a4 libvorbis-1.1.0-2.el4.5.s390.rpm
c5dda135c29a240c83a21c62a9f73f14 libvorbis-1.1.0-2.el4.5.s390x.rpm
7c7a9228170aa82ad717ca84afdafca5 libvorbis-debuginfo-1.1.0-2.el4.5.s390.rpm
12828f4978e0dce8db626a20e3daab7d libvorbis-debuginfo-1.1.0-2.el4.5.s390x.rpm
f81c7debdd694d7d92299b481f13f42c libvorbis-devel-1.1.0-2.el4.5.s390x.rpm

x86_64:
0dc97da60bc803c5f7ecd78ec1befd15 libvorbis-1.1.0-2.el4.5.i386.rpm
e54d8995cf759809c9cd602880cd2740 libvorbis-1.1.0-2.el4.5.x86_64.rpm
1a60d973df4fab6adeceba02312ff38a libvorbis-debuginfo-1.1.0-2.el4.5.i386.rpm
b4a58acf85914ff235321d9963e05d5d libvorbis-debuginfo-1.1.0-2.el4.5.x86_64.rpm
410756948e6f994be57489ef5ccc06d4 libvorbis-devel-1.1.0-2.el4.5.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/libvorbis-1.1.0-2.el4.5.src.rpm
69c599823f0af348e0f372b386e9bd80 libvorbis-1.1.0-2.el4.5.src.rpm

i386:
0dc97da60bc803c5f7ecd78ec1befd15 libvorbis-1.1.0-2.el4.5.i386.rpm
1a60d973df4fab6adeceba02312ff38a libvorbis-debuginfo-1.1.0-2.el4.5.i386.rpm
22a0a747a347907126a4973bf127648b libvorbis-devel-1.1.0-2.el4.5.i386.rpm

x86_64:
0dc97da60bc803c5f7ecd78ec1befd15 libvorbis-1.1.0-2.el4.5.i386.rpm
e54d8995cf759809c9cd602880cd2740 libvorbis-1.1.0-2.el4.5.x86_64.rpm
1a60d973df4fab6adeceba02312ff38a libvorbis-debuginfo-1.1.0-2.el4.5.i386.rpm
b4a58acf85914ff235321d9963e05d5d libvorbis-debuginfo-1.1.0-2.el4.5.x86_64.rpm
410756948e6f994be57489ef5ccc06d4 libvorbis-devel-1.1.0-2.el4.5.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/libvorbis-1.1.0-2.el4.5.src.rpm
69c599823f0af348e0f372b386e9bd80 libvorbis-1.1.0-2.el4.5.src.rpm

i386:
0dc97da60bc803c5f7ecd78ec1befd15 libvorbis-1.1.0-2.el4.5.i386.rpm
1a60d973df4fab6adeceba02312ff38a libvorbis-debuginfo-1.1.0-2.el4.5.i386.rpm
22a0a747a347907126a4973bf127648b libvorbis-devel-1.1.0-2.el4.5.i386.rpm

ia64:
0dc97da60bc803c5f7ecd78ec1befd15 libvorbis-1.1.0-2.el4.5.i386.rpm
df79ceec009e33f8e4d19af3270df7c7 libvorbis-1.1.0-2.el4.5.ia64.rpm
1a60d973df4fab6adeceba02312ff38a libvorbis-debuginfo-1.1.0-2.el4.5.i386.rpm
2fe6904305d78d37511da37c90914475 libvorbis-debuginfo-1.1.0-2.el4.5.ia64.rpm
95783ef5a4d515933db7d9d6347225d9 libvorbis-devel-1.1.0-2.el4.5.ia64.rpm

x86_64:
0dc97da60bc803c5f7ecd78ec1befd15 libvorbis-1.1.0-2.el4.5.i386.rpm
e54d8995cf759809c9cd602880cd2740 libvorbis-1.1.0-2.el4.5.x86_64.rpm
1a60d973df4fab6adeceba02312ff38a libvorbis-debuginfo-1.1.0-2.el4.5.i386.rpm
b4a58acf85914ff235321d9963e05d5d libvorbis-debuginfo-1.1.0-2.el4.5.x86_64.rpm
410756948e6f994be57489ef5ccc06d4 libvorbis-devel-1.1.0-2.el4.5.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/libvorbis-1.1.0-2.el4.5.src.rpm
69c599823f0af348e0f372b386e9bd80 libvorbis-1.1.0-2.el4.5.src.rpm

i386:
0dc97da60bc803c5f7ecd78ec1befd15 libvorbis-1.1.0-2.el4.5.i386.rpm
1a60d973df4fab6adeceba02312ff38a libvorbis-debuginfo-1.1.0-2.el4.5.i386.rpm
22a0a747a347907126a4973bf127648b libvorbis-devel-1.1.0-2.el4.5.i386.rpm

ia64:
0dc97da60bc803c5f7ecd78ec1befd15 libvorbis-1.1.0-2.el4.5.i386.rpm
df79ceec009e33f8e4d19af3270df7c7 libvorbis-1.1.0-2.el4.5.ia64.rpm
1a60d973df4fab6adeceba02312ff38a libvorbis-debuginfo-1.1.0-2.el4.5.i386.rpm
2fe6904305d78d37511da37c90914475 libvorbis-debuginfo-1.1.0-2.el4.5.ia64.rpm
95783ef5a4d515933db7d9d6347225d9 libvorbis-devel-1.1.0-2.el4.5.ia64.rpm

x86_64:
0dc97da60bc803c5f7ecd78ec1befd15 libvorbis-1.1.0-2.el4.5.i386.rpm
e54d8995cf759809c9cd602880cd2740 libvorbis-1.1.0-2.el4.5.x86_64.rpm
1a60d973df4fab6adeceba02312ff38a libvorbis-debuginfo-1.1.0-2.el4.5.i386.rpm
b4a58acf85914ff235321d9963e05d5d libvorbis-debuginfo-1.1.0-2.el4.5.x86_64.rpm
410756948e6f994be57489ef5ccc06d4 libvorbis-devel-1.1.0-2.el4.5.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libvorbis-1.1.2-3.el5.0.src.rpm
ece7f2ca6dc593685a632afeaf6ed62d libvorbis-1.1.2-3.el5.0.src.rpm

i386:
d270b61d1d2ae651280fcd4980b60afe libvorbis-1.1.2-3.el5.0.i386.rpm
3f97a42f6f182e6c53e6c6ed7f21580a libvorbis-debuginfo-1.1.2-3.el5.0.i386.rpm

x86_64:
d270b61d1d2ae651280fcd4980b60afe libvorbis-1.1.2-3.el5.0.i386.rpm
7ff9b2bab6593c6e63fdbd4595b4d5b2 libvorbis-1.1.2-3.el5.0.x86_64.rpm
3f97a42f6f182e6c53e6c6ed7f21580a libvorbis-debuginfo-1.1.2-3.el5.0.i386.rpm
bc7b9866ffd2812ac5611ba0cc4d50f4 libvorbis-debuginfo-1.1.2-3.el5.0.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libvorbis-1.1.2-3.el5.0.src.rpm
ece7f2ca6dc593685a632afeaf6ed62d libvorbis-1.1.2-3.el5.0.src.rpm

i386:
3f97a42f6f182e6c53e6c6ed7f21580a libvorbis-debuginfo-1.1.2-3.el5.0.i386.rpm
02630426500b6cf0747ad0fb9e7d8e2a libvorbis-devel-1.1.2-3.el5.0.i386.rpm

x86_64:
3f97a42f6f182e6c53e6c6ed7f21580a libvorbis-debuginfo-1.1.2-3.el5.0.i386.rpm
bc7b9866ffd2812ac5611ba0cc4d50f4 libvorbis-debuginfo-1.1.2-3.el5.0.x86_64.rpm
02630426500b6cf0747ad0fb9e7d8e2a libvorbis-devel-1.1.2-3.el5.0.i386.rpm
2918b1efdf30b62055c9d3cf842d80fe libvorbis-devel-1.1.2-3.el5.0.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/libvorbis-1.1.2-3.el5.0.src.rpm
ece7f2ca6dc593685a632afeaf6ed62d libvorbis-1.1.2-3.el5.0.src.rpm

i386:
d270b61d1d2ae651280fcd4980b60afe libvorbis-1.1.2-3.el5.0.i386.rpm
3f97a42f6f182e6c53e6c6ed7f21580a libvorbis-debuginfo-1.1.2-3.el5.0.i386.rpm
02630426500b6cf0747ad0fb9e7d8e2a libvorbis-devel-1.1.2-3.el5.0.i386.rpm

ia64:
c4065d1a29be322d71c3acb897d5e5af libvorbis-1.1.2-3.el5.0.ia64.rpm
172be3c0140112c12cc6deea3df4d218 libvorbis-debuginfo-1.1.2-3.el5.0.ia64.rpm
af81096ecfac9f55f6c19e87d69fa340 libvorbis-devel-1.1.2-3.el5.0.ia64.rpm

ppc:
1a3316787f26fb80385732cf3bf87b56 libvorbis-1.1.2-3.el5.0.ppc.rpm
174b43f0ed51ad979d969bbfbb9d7e8e libvorbis-1.1.2-3.el5.0.ppc64.rpm
35076ce221b90aaf7cf123d5b70f39f7 libvorbis-debuginfo-1.1.2-3.el5.0.ppc.rpm
bb1043ab5b6a8502a49ef9b01febc6f7 libvorbis-debuginfo-1.1.2-3.el5.0.ppc64.rpm
519e559e9f83625213f30e71cfa13412 libvorbis-devel-1.1.2-3.el5.0.ppc.rpm
aea17a74c47eb57d382c151742d24639 libvorbis-devel-1.1.2-3.el5.0.ppc64.rpm

s390x:
09a69e1bca67c92fc93913365d65b853 libvorbis-1.1.2-3.el5.0.s390.rpm
c27891e50fc9758e3754eda9e5045b36 libvorbis-1.1.2-3.el5.0.s390x.rpm
83eae6dd900623b3eb2398178f702fb4 libvorbis-debuginfo-1.1.2-3.el5.0.s390.rpm
de3f81beec8d07cd042b6a184cf9562c libvorbis-debuginfo-1.1.2-3.el5.0.s390x.rpm
2f8f3b85beaf374bf399dad2de329b58 libvorbis-devel-1.1.2-3.el5.0.s390.rpm
77bacf33bb4f191faaa9c6ffe82ba814 libvorbis-devel-1.1.2-3.el5.0.s390x.rpm

x86_64:
d270b61d1d2ae651280fcd4980b60afe libvorbis-1.1.2-3.el5.0.i386.rpm
7ff9b2bab6593c6e63fdbd4595b4d5b2 libvorbis-1.1.2-3.el5.0.x86_64.rpm
3f97a42f6f182e6c53e6c6ed7f21580a libvorbis-debuginfo-1.1.2-3.el5.0.i386.rpm
bc7b9866ffd2812ac5611ba0cc4d50f4 libvorbis-debuginfo-1.1.2-3.el5.0.x86_64.rpm
02630426500b6cf0747ad0fb9e7d8e2a libvorbis-devel-1.1.2-3.el5.0.i386.rpm
2918b1efdf30b62055c9d3cf842d80fe libvorbis-devel-1.1.2-3.el5.0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3106
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4029
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4065
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4066
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is lt;secalert@redhat.comgt;. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFG8Vx5XlSAg2UNWIIRAriHAJwIseMZXXRiLMH7+qm1HdfM5fai5gCdHsRA
pOXTC7/QRe7tRknTUoYhSkg=
=Jvfv
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/rhsa_20070845_02_important_libvorbis_security_update.html)