Subject: CVS commit: pkgsrc/audio/libvorbis
From: Maya Rashish
Date: 2018-03-16 21:23:53
Message id: 20180316202353.37EE8FB40@cvs.NetBSD.org
Log Message:
libvorbis: update to 1.3.6. security fix.

libvorbis 1.3.6 (2018-03-16) -- "Xiph.Org libVorbis I 20180316 (Now 100% \ 
fewer shells)"

* Fix CVE-2018-5146 - out-of-bounds write on codebook decoding.
* Fix CVE-2017-14632 - free() on unitialized data
* Fix CVE-2017-14633 - out-of-bounds read
* Fix bitrate metadata parsing.
* Fix out-of-bounds read in codebook parsing.
* Fix residue vector size in Vorbis I spec.
* Appveyor support
* Travis CI support
* Add secondary CMake build system.
* Build system fixes
Files:
RevisionActionfile
1.60modifypkgsrc/audio/libvorbis/Makefile
1.26modifypkgsrc/audio/libvorbis/distinfo