Debian Bug report logs - #818037
vorbis-tools: vcut always(?) segfaults
Reported by: Frank Heckenbach <f.heckenbach@fh-soft.de>
Date: Sat, 12 Mar 2016 23:42:03 UTC
Severity: grave
Found in version vorbis-tools/1.4.0-6
Fixed in versions vorbis-tools/1.4.0-9, vorbis-tools/1.4.0-6+deb8u1, 1.4.0-6+deb8u1
Done: Petter Reinholdtsen <pere@hungry.com>
Bug is archived. No further changes may be made.
Report forwarded
to debian-bugs-dist@lists.debian.org, Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>:
Bug#818037; Package vorbis-tools.
(Sat, 12 Mar 2016 23:42:06 GMT).
Acknowledgement sent
to Frank Heckenbach <f.heckenbach@fh-soft.de>:
New Bug report received and forwarded. Copy sent to Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>.
(Sat, 12 Mar 2016 23:42:06 GMT).
Message #5 received at submit@bugs.debian.org:
Package: vorbis-tools
Version: 1.4.0-6
Severity: grave
File: /usr/bin/vcut
Justification: renders package unusable
Sorry for the brief description, but for what I can tell, that's
really it. I tried various cases, and vcut always seems to just
segfault. Here's one example:
% head -c 500000 /dev/zero | oggenc -Q -r -o 1.ogg -
% vcut 1.ogg 2.ogg 3.ogg +1
Processing: Cutting at 1,000000 seconds
Segmentation fault
Tried on both i386 and amd64.
It did work correctly under squeeze and wheezy.
-- System Information:
Debian Release: 8.3
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages vorbis-tools depends on:
ii libao4 1.1.0-3
ii libc6 2.19-18+deb8u4
ii libcurl3-gnutls 7.38.0-4+deb8u3
ii libflac8 1.3.0-3
ii libogg0 1.3.2-1
ii libspeex1 1.2~rc1.2-1
ii libvorbis0a 1.3.4-2
ii libvorbisenc2 1.3.4-2
ii libvorbisfile3 1.3.4-2
vorbis-tools recommends no packages.
vorbis-tools suggests no packages.
-- no debconf information
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>:
Bug#818037; Package vorbis-tools.
(Sun, 13 Mar 2016 16:24:03 GMT).
Acknowledgement sent
to Petter Reinholdtsen <pere@hungry.com>:
Extra info received and forwarded to list. Copy sent to Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>.
(Sun, 13 Mar 2016 16:24:03 GMT).
Message #10 received at 818037@bugs.debian.org:
[Frank Heckenbach]
> Sorry for the brief description, but for what I can tell, that's
> really it. I tried various cases, and vcut always seems to just
> segfault. Here's one example:
>
> % head -c 500000 /dev/zero | oggenc -Q -r -o 1.ogg -
> % vcut 1.ogg 2.ogg 3.ogg +1
> Processing: Cutting at 1,000000 seconds
> Segmentation fault
I see the same, and this is the output from valgrind:
% valgrind vcut 1.ogg 2.ogg 3.ogg +1
==27037== Memcheck, a memory error detector
==27037== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==27037== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==27037== Command: vcut 1.ogg 2.ogg 3.ogg +1
==27037==
--27037-- WARNING: Serious error when reading debug info
--27037-- When reading debug info from /lib/x86_64-linux-gnu/ld-2.22.so:
--27037-- Ignoring non-Dwarf2/3/4 block in .debug_info
--27037-- WARNING: Serious error when reading debug info
--27037-- When reading debug info from /lib/x86_64-linux-gnu/ld-2.22.so:
--27037-- Last block truncated in .debug_info; ignoring
--27037-- WARNING: Serious error when reading debug info
--27037-- When reading debug info from /lib/x86_64-linux-gnu/ld-2.22.so:
--27037-- parse_CU_Header: is neither DWARF2 nor DWARF3 nor DWARF4
--27037-- WARNING: Serious error when reading debug info
--27037-- When reading debug info from /lib/x86_64-linux-gnu/libc-2.22.so:
--27037-- Ignoring non-Dwarf2/3/4 block in .debug_info
--27037-- WARNING: Serious error when reading debug info
--27037-- When reading debug info from /lib/x86_64-linux-gnu/libc-2.22.so:
--27037-- Ignoring non-Dwarf2/3/4 block in .debug_info
--27037-- WARNING: Serious error when reading debug info
--27037-- When reading debug info from /lib/x86_64-linux-gnu/libc-2.22.so:
--27037-- Ignoring non-Dwarf2/3/4 block in .debug_info
--27037-- WARNING: Serious error when reading debug info
--27037-- When reading debug info from /lib/x86_64-linux-gnu/libc-2.22.so:
--27037-- Last block truncated in .debug_info; ignoring
--27037-- WARNING: Serious error when reading debug info
--27037-- When reading debug info from /lib/x86_64-linux-gnu/libc-2.22.so:
--27037-- parse_CU_Header: is neither DWARF2 nor DWARF3 nor DWARF4
--27037-- WARNING: Serious error when reading debug info
--27037-- When reading debug info from /lib/x86_64-linux-gnu/libm-2.22.so:
--27037-- Ignoring non-Dwarf2/3/4 block in .debug_info
--27037-- WARNING: Serious error when reading debug info
--27037-- When reading debug info from /lib/x86_64-linux-gnu/libm-2.22.so:
--27037-- Last block truncated in .debug_info; ignoring
--27037-- WARNING: Serious error when reading debug info
--27037-- When reading debug info from /lib/x86_64-linux-gnu/libm-2.22.so:
--27037-- parse_CU_Header: is neither DWARF2 nor DWARF3 nor DWARF4
Processing: Cutting at 1.000000 seconds
==27037== Invalid read of size 1
==27037== at 0x4C2E7E6: memcpy@@GLIBC_2.14 (vg_replace_strmem.c:1018)
==27037== by 0x5064202: ogg_stream_iovecin (in /usr/lib/x86_64-linux-gnu/libogg.so.0.8.2)
==27037== by 0x506435B: ogg_stream_packetin (in /usr/lib/x86_64-linux-gnu/libogg.so.0.8.2)
==27037== by 0x401A4D: ??? (in /usr/bin/vcut)
==27037== by 0x401BDB: ??? (in /usr/bin/vcut)
==27037== by 0x402029: ??? (in /usr/bin/vcut)
==27037== by 0x4023BA: ??? (in /usr/bin/vcut)
==27037== by 0x4025C2: ??? (in /usr/bin/vcut)
==27037== by 0x4014F7: ??? (in /usr/bin/vcut)
==27037== by 0x528B60F: (below main) (in /lib/x86_64-linux-gnu/libc-2.22.so)
==27037== Address 0xfff001000 is not stack'd, malloc'd or (recently) free'd
==27037==
==27037==
==27037== Process terminating with default action of signal 11 (SIGSEGV)
==27037== Access not within mapped region at address 0xFFF001000
==27037== at 0x4C2E7E6: memcpy@@GLIBC_2.14 (vg_replace_strmem.c:1018)
==27037== by 0x5064202: ogg_stream_iovecin (in /usr/lib/x86_64-linux-gnu/libogg.so.0.8.2)
==27037== by 0x506435B: ogg_stream_packetin (in /usr/lib/x86_64-linux-gnu/libogg.so.0.8.2)
==27037== by 0x401A4D: ??? (in /usr/bin/vcut)
==27037== by 0x401BDB: ??? (in /usr/bin/vcut)
==27037== by 0x402029: ??? (in /usr/bin/vcut)
==27037== by 0x4023BA: ??? (in /usr/bin/vcut)
==27037== by 0x4025C2: ??? (in /usr/bin/vcut)
==27037== by 0x4014F7: ??? (in /usr/bin/vcut)
==27037== by 0x528B60F: (below main) (in /lib/x86_64-linux-gnu/libc-2.22.so)
==27037== If you believe this happened as a result of a stack
==27037== overflow in your program's main thread (unlikely but
==27037== possible), you can try to increase the size of the
==27037== main thread stack using the --main-stacksize= flag.
==27037== The main thread stack size used in this run was 8388608.
==27037==
==27037== HEAP SUMMARY:
==27037== in use at exit: 97,967,813 bytes in 116 blocks
==27037== total heap usage: 121 allocs, 5 frees, 97,996,535 bytes allocated
==27037==
==27037== LEAK SUMMARY:
==27037== definitely lost: 0 bytes in 0 blocks
==27037== indirectly lost: 0 bytes in 0 blocks
==27037== possibly lost: 0 bytes in 0 blocks
==27037== still reachable: 97,967,813 bytes in 116 blocks
==27037== suppressed: 0 bytes in 0 blocks
==27037== Rerun with --leak-check=full to see details of leaked memory
==27037==
==27037== For counts of detected and suppressed errors, rerun with: -v
==27037== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Segmentation fault
%
--
Happy hacking
Petter Reinholdtsen
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>:
Bug#818037; Package vorbis-tools.
(Mon, 14 Mar 2016 20:09:04 GMT).
Acknowledgement sent
to Martin Steghöfer <martin@steghoefer.eu>:
Extra info received and forwarded to list. Copy sent to Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>.
(Mon, 14 Mar 2016 20:09:04 GMT).
Message #15 received at 818037@bugs.debian.org:
tags 818037 + pending
thanks
Frank Heckenbach wrote:
> Sorry for the brief description, but for what I can tell, that's
> really it. I tried various cases, and vcut always seems to just
> segfault. Here's one example:
>
> % head -c 500000 /dev/zero | oggenc -Q -r -o 1.ogg -
> % vcut 1.ogg 2.ogg 3.ogg +1
> Processing: Cutting at 1,000000 seconds
> Segmentation fault
>
> Tried on both i386 and amd64.
>
> It did work correctly under squeeze and wheezy.
Thanks for the report!
I debugged it and found the problem. It was a simple indexing problem
that seemed to have slipped away during quite some time because of a
lucky memory layout: The pointer resulting from the wrong indexing
points to the stack and therefore to valid memory (in terms of memory
management), unless the block is too big. Now the memory layout has
changed for some reason (GCC 5?), therefore we read a different value as
block size, the block is too big for the stack and we get the
segmentation faults.
The patch is in the git repository.
Cheers,
Martin
Added tag(s) pending.
Request was from Martin Steghöfer <martin@steghoefer.eu>
to control@bugs.debian.org.
(Mon, 14 Mar 2016 20:09:05 GMT).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>:
Bug#818037; Package vorbis-tools.
(Wed, 16 Mar 2016 14:42:07 GMT).
Acknowledgement sent
to Frank Heckenbach <f.heckenbach@fh-soft.de>:
Extra info received and forwarded to list. Copy sent to Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>.
(Wed, 16 Mar 2016 14:42:07 GMT).
Message #22 received at 818037@bugs.debian.org:
> I debugged it and found the problem. It was a simple indexing problem
> that seemed to have slipped away during quite some time because of a
> lucky memory layout: The pointer resulting from the wrong indexing
> points to the stack and therefore to valid memory (in terms of memory
> management), unless the block is too big. Now the memory layout has
> changed for some reason (GCC 5?), therefore we read a different value as
> block size, the block is too big for the stack and we get the
> segmentation faults.
Not GCC 5, jessie still uses 4.9.2 (and I tried rebuilding it
myself, same bug), but anyway.
> The patch is in the git repository.
Where can I get it (just the patch, so I can try it against the
jessie version)?
https://git.xiph.org/ says:
vorbis-tools.git ... Last change 5 months ago
Regards,
Frank
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>:
Bug#818037; Package vorbis-tools.
(Wed, 16 Mar 2016 15:15:03 GMT).
Acknowledgement sent
to Martin Steghöfer <martin@steghoefer.eu>:
Extra info received and forwarded to list. Copy sent to Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>.
(Wed, 16 Mar 2016 15:15:03 GMT).
Message #27 received at 818037@bugs.debian.org:
Frank Heckenbach wrote:
>> The patch is in the git repository.
> Where can I get it (just the patch, so I can try it against the
> jessie version)?
>
> https://git.xiph.org/ says:
> vorbis-tools.git ... Last change 5 months ago
It's not yet in the upstream git repository (I submitted the patch
through their bug tracker, but someone from upstream has to check it and
apply it), but in our (the Debian package's) git repository.
You can find the patch here:
https://anonscm.debian.org/cgit/pkg-xiph/vorbis-tools.git/tree/debian/patches/Fix-segfault-in-vcut.patch
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>:
Bug#818037; Package vorbis-tools.
(Wed, 16 Mar 2016 20:27:03 GMT).
Acknowledgement sent
to Frank Heckenbach <f.heckenbach@fh-soft.de>:
Extra info received and forwarded to list. Copy sent to Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>.
(Wed, 16 Mar 2016 20:27:03 GMT).
Message #32 received at 818037@bugs.debian.org:
> It's not yet in the upstream git repository (I submitted the patch
> through their bug tracker, but someone from upstream has to check it and
> apply it), but in our (the Debian package's) git repository.
>
> You can find the patch here:
>
> https://anonscm.debian.org/cgit/pkg-xiph/vorbis-tools.git/tree/debian/patches/Fix-segfault-in-vcut.patch
Seems to work for me. Thanks.
Frank
Reply sent
to Petter Reinholdtsen <pere@debian.org>:
You have taken responsibility.
(Thu, 26 May 2016 07:51:15 GMT).
Notification sent
to Frank Heckenbach <f.heckenbach@fh-soft.de>:
Bug acknowledged by developer.
(Thu, 26 May 2016 07:51:16 GMT).
Message #37 received at 818037-close@bugs.debian.org:
Source: vorbis-tools
Source-Version: 1.4.0-9
We believe that the bug you reported is fixed in the latest version of
vorbis-tools, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 818037@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Petter Reinholdtsen <pere@debian.org> (supplier of updated vorbis-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 26 May 2016 09:36:19 +0200
Source: vorbis-tools
Binary: vorbis-tools vorbis-tools-dbg
Architecture: source
Version: 1.4.0-9
Distribution: unstable
Urgency: medium
Maintainer: Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>
Changed-By: Petter Reinholdtsen <pere@debian.org>
Description:
vorbis-tools - several Ogg Vorbis tools
vorbis-tools-dbg - several Ogg Vorbis tools (debug files)
Closes: 813742 818037
Changes:
vorbis-tools (1.4.0-9) unstable; urgency=medium
.
[ Martin Steghöfer ]
* Fix segmentation fault in vcut (Closes: #818037)
.
[ Petter Reinholdtsen ]
* Updated French translation by Damien / vauss. (Closes: #813742)
* Added libcurl4-openssl-dev as alternative build dependency for
libcurl4-gnutls-dev.
* Added simple autopkgtest script to verify vcut no longer segfaults.
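The changelog above mentions an autopkgtest script that verifies vcut no longer segfaults. The following is an added example of such a check (not the script shipped in the Debian package), built from the reproduction commands in the original report; the function names `classify_status` and `vcut_regression`, the `run` argument and the exit code 77 for a skip are assumptions of this example.

```shell
#!/bin/sh
# Regression check for the vcut crash reported in Debian bug #818037.
# Added example; NOT the autopkgtest script from the vorbis-tools package.

# Map a shell wait status to a verdict. The shell reports death by signal
# as 128+N, so 139 means SIGSEGV (11) and 134 means SIGABRT (6).
classify_status() {
    st=$1
    if [ "$st" -eq 0 ]; then
        echo pass
    elif [ "$st" -gt 128 ]; then
        echo "crash:signal-$((st - 128))"
    else
        echo "fail:exit-$st"
    fi
}

# Run the reporter's reproduction in a scratch directory and print a verdict.
# Returns 0 on pass, 77 when a tool is missing (skip), non-zero otherwise.
vcut_regression() {
    for tool in oggenc vcut; do
        if ! command -v "$tool" >/dev/null 2>&1; then
            echo "skip:missing-$tool"
            return 77
        fi
    done
    workdir=$(mktemp -d) || return 1
    rc=0
    (
        cd "$workdir" || exit 1
        # Same input as in the report: 500000 zero bytes encoded as raw PCM.
        head -c 500000 /dev/zero | oggenc -Q -r -o 1.ogg - || exit 1
        # Cut at one second; the unfixed vcut died here with SIGSEGV.
        vcut 1.ogg 2.ogg 3.ogg +1 >/dev/null 2>&1
    ) || rc=$?
    verdict=$(classify_status "$rc")
    # A clean exit is not enough: both output files must exist and be non-empty.
    if [ "$verdict" = pass ]; then
        if [ ! -s "$workdir/2.ogg" ] || [ ! -s "$workdir/3.ogg" ]; then
            verdict="fail:missing-output"
        fi
    fi
    rm -rf "$workdir"
    echo "$verdict"
    [ "$verdict" = pass ]
}

# Only run the check when asked to, so the file can also be sourced.
if [ "${1:-}" = "run" ]; then
    vcut_regression
    exit $?
fi
```

Invoke it as `sh vcut-check.sh run` (the file name is arbitrary); a verdict of `crash:signal-11` corresponds to the segmentation fault shown in the report.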
Reply sent
to Petter Reinholdtsen <pere@debian.org>:
You have taken responsibility.
(Thu, 09 Jun 2016 22:21:12 GMT).
Notification sent
to Frank Heckenbach <f.heckenbach@fh-soft.de>:
Bug acknowledged by developer.
(Thu, 09 Jun 2016 22:21:12 GMT).
Message #42 received at 818037-close@bugs.debian.org:
Source: vorbis-tools
Source-Version: 1.4.0-6+deb8u1
We believe that the bug you reported is fixed in the latest version of
vorbis-tools, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 818037@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Petter Reinholdtsen <pere@debian.org> (supplier of updated vorbis-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 09 Jun 2016 12:18:49 +0200
Source: vorbis-tools
Binary: vorbis-tools vorbis-tools-dbg
Architecture: source amd64
Version: 1.4.0-6+deb8u1
Distribution: jessie
Urgency: low
Maintainer: Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debian.org>
Changed-By: Petter Reinholdtsen <pere@debian.org>
Description:
vorbis-tools - several Ogg Vorbis tools
vorbis-tools-dbg - several Ogg Vorbis tools (debug files)
Closes: 776086 797461 818037
Changes:
vorbis-tools (1.4.0-6+deb8u1) jessie; urgency=low
.
[ Petter Reinholdtsen ]
* Add gbp.conf file documenting git branch to use for updates to Jessie.
* oggenc: Fix large alloca on bad AIFF input to oggenc (CVE-2015-6749).
(Closes: 797461)
* oggenc: Validate count of channels in the header (CVE-2014-9638, CVE-2014-9639).
(Closes: 776086)
.
[ Martin Steghöfer ]
* Fix segmentation fault in vcut (Closes: #818037)
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 18 Sep 2016 07:28:54 GMT).
Bug unarchived.
Request was from Petter Reinholdtsen <pere@hungry.com>
to control@bugs.debian.org.
(Sat, 24 Sep 2016 06:03:04 GMT).
Reply sent
to Petter Reinholdtsen <pere@hungry.com>:
You have taken responsibility.
(Sat, 24 Sep 2016 06:21:07 GMT).
Notification sent
to Frank Heckenbach <f.heckenbach@fh-soft.de>:
Bug acknowledged by developer.
(Sat, 24 Sep 2016 06:21:07 GMT).
Message #51 received at 818037-done@bugs.debian.org:
Version: 1.4.0-6+deb8u1
This issue was fixed in Jessie with this upload:
vorbis-tools (1.4.0-6+deb8u1) jessie; urgency=low
.
[ Petter Reinholdtsen ]
* Add gbp.conf file documenting git branch to use for updates to Jessie.
* oggenc: Fix large alloca on bad AIFF input to oggenc (CVE-2015-6749).
(Closes: 797461)
* oggenc: Validate count of channels in the header (CVE-2014-9638,
CVE-2014-9639).
(Closes: 776086)
.
[ Martin Steghöfer ]
* Fix segmentation fault in vcut (Closes: #818037)
No idea why the BTS has not noticed yet, but I close the bugs manually
to have the fact properly recorded.
--
Happy hacking
Petter Reinholdtsen
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sat, 22 Oct 2016 07:26:25 GMT).
Last modified:
Sun Jul 2 00:14:03 2023;