Bug 9191

Summary: [UPDATE REQUEST 2016.1] libvorbis 1.3.6-1 -> 1.3.6-2
Product: [ROSA-based products] ROSA Fresh Reporter: Giovanni Mariani <mc2374>
Component: Packages from MainAssignee: ROSA Linux Bugs <bugs>
Status: RESOLVED FIXED QA Contact: ROSA Linux Bugs <bugs>
Severity: normal    
Priority: Normal CC: andrey.bondrov, s.savelyeva, v.potapov
Version: AllFlags: v.potapov: qa_verified+
andrey.bondrov: published+
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Platform: --- ROSA Vulnerability identifier:
RPM Package: libvorbis-1.3.6-1.src.rpm ISO-related:
Bad POT generating: Upstream:
Bug Depends on:    
Bug Blocks: 9136    

Description Giovanni Mariani 2018-07-20 17:44:35 MSK
Our actual libvorbis is affected by CVE-2017-14160, CVE-2018-10392 and CVE-2018-10393 (see bug #9136): add the needed patches and rebuild the package.
Comment 1 Giovanni Mariani 2018-07-20 17:45:59 MSK
Advisory:
Update libvorbis to fix bug #9136.

Packages for Rosa 2016.1 / Main:
https://abf.rosalinux.ru/build_lists/2940067
https://abf.rosalinux.ru/build_lists/2940068
Comment 2 s.savelyeva 2018-07-24 17:10:59 MSK
it works
Comment 3 Vladimir Potapov 2018-07-26 13:43:52 MSK
The update is sent to expanded testing
*************************************
Comment 4 Vladimir Potapov 2018-07-31 10:55:45 MSK
libvorbis-1.3.6-2
https://abf.rosalinux.ru/build_lists/2940067
https://abf.rosalinux.ru/build_lists/2940068
***************************** Advisory ***************************
Update libvorbis to fix bug #9136.
******************************************************************
QA Verified