Ubuntu Patches Vorbis Tools

May 09, 2008

The Ubuntu security team has released an update to close a vulnerability in the Vorbis Tools for editing music files in Ogg-Vorbis format.

The free Speex speech codec is the root of the problem as it does not perform sufficient checks when editing file headers. A manipulated Speex files could give an attacker the ability to launch denial of service attacks against applications that rely on Speex. This could also open up a vector to executing arbitrary code, the Ubuntu security advisory warns.

Ubuntu versions from 6.06 to 7.04, 7.10 and 8.04 are affected. The corresponding Kubuntu, Edubuntu and Xubuntu distributions also have the bug. Users should use the update feature to update their systems say the developers.

Related content

  • Perl Audio Converter Extends Choice of Formats

    Version 4.0.0 of the Perl Audio Converter (PAC) has just been released; the program can now handle a wider variety of file types.

  • Free Software Projects

    If you want to convert a bunch of audio files into another format and prefer to steer clear of the command line, the Gnac graphical tool might do the trick. Also, the Gourmet Recipe Manager helps out in the kitchen.

  • Update Closes Rsync Vulnerability

    Distributions such as Ubuntu and Debian are currently in the process of issuing updates to their users to remove a problem with the Rsync tool.

  • DoS Attack Exploit in BIND 9

    A specially crafted dynamic update message to a DNS zone for which the server is a master can raise havoc in BIND 9. An active remote exploit is already "in wide circulation."

  • Supporting Role

    With the addition of its supporting utilities, Ogg Vorbis competes with other free audio formats.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News