Comment 9 for bug 218652

This bug was fixed in the package vorbis-tools - 1.1.1-15ubuntu0.1

---------------
vorbis-tools (1.1.1-15ubuntu0.1) hardy-security; urgency=low

  * SECURITY UPDATE: array index vulnerability (LP: #218652)
  * debian/patches/SECURITY_CVE-2008-1686.diff: fix for ogg123/speex_format.c
    to properly validate its input
  * References
    CVE-2008-1686

 -- Jamie Strandboge <email address hidden> Wed, 07 May 2008 13:53:17 -0400