Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
The libvorbis packages contain runtime libraries for use in programs that
support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent-and
royalty-free, general-purpose compressed audio format.
Multiple flaws were found in the libvorbis library. A specially-crafted Ogg
Vorbis media format file (Ogg) could cause an application using libvorbis
to crash or, possibly, execute arbitrary code when opened. (CVE-2009-3379)
Users of libvorbis should upgrade to these updated packages, which contain
backported patches to correct these issues. The desktop must be restarted
(log out, then log back in) for this update to take effect.
https://www.cve.org/CVERecord?id=CVE-2009-3379 https://access.redhat.com/security/updates/classification#important
Red Hat Enterprise Linux AS version 3:
Source:
i386:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-devel-1.0-12.el3.i386.rpm
ia64:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-1.0-12.el3.ia64.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.ia64.rpm
libvorbis-devel-1.0-12.el3.ia64.rpm
ppc:
libvorbis-1.0-12.el3.ppc.rpm
libvorbis-1.0-12.el3.ppc64.rpm
libvorbis-debuginfo-1.0-12.el3.ppc.rpm
libvorbis-debuginfo-1.0-12.el3.ppc64.rpm
libvorbis-devel-1.0-12.el3.ppc.rpm
s390:
libvorbis-1.0-12.el3.s390.rpm
libvorbis-debuginfo-1.0-12.el3.s390.rpm
libvorbis-devel-1.0-12.el3.s390.rpm
s390x:
libvorbis-1.0-12.el3.s390.rpm
libvorbis-1.0-12.el3.s390x.rpm
libvorbis-debuginfo-1.0-12.el3.s390.rpm
libvorbis-debuginfo-1.0-12.el3.s390x.rpm
libvorbis-devel-1.0-12.el3.s390x.rpm
x86_64:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-1.0-12.el3.x86_64.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.x86_64.rpm
libvorbis-devel-1.0-12.el3.x86_64.rpm
Red Hat Desktop version 3:
Source:
i386:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-devel-1.0-12.el3.i386.rpm
x86_64:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-1.0-12.el3.x86_64.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
Read the Full Advisory
Updated libvorbis packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 3, 4, and 5.This update has been rated as having important security impact by the RedHat Security Response Team.
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
531765 - CVE-2009-3379 libvorbis: security fixes mentioned in MFSA 2009-63
Get the latest Linux and open source security news straight to your inbox.