Red Hat Product Errata RHSA-2007:0845 - Security Advisory

Issued:: 2007-09-19
Updated:: 2007-09-19

RHSA-2007:0845 - Security Advisory

Overview
Updated Packages

Synopsis

Important: libvorbis security update

Type/Severity

Security Advisory: Important

Topic

Updated libvorbis packages to correct several security issues are now
available for Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Description

The libvorbis package contains runtime libraries for use in programs that
support Ogg Voribs. Ogg Vorbis is a fully open, non-proprietary, patent-and
royalty-free, general-purpose compressed audio format.

Several flaws were found in the way libvorbis processed audio data. An
attacker could create a carefully crafted OGG audio file in such a way that
it could cause an application linked with libvorbis to crash or execute
arbitrary code when it was opened. (CVE-2007-3106, CVE-2007-4029,
CVE-2007-4065, CVE-2007-4066)

Users of libvorbis are advised to upgrade to this updated package, which
contains backported patches that resolve these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

Red Hat Enterprise Linux Server 5 x86_64
Red Hat Enterprise Linux Server 5 ia64
Red Hat Enterprise Linux Server 5 i386
Red Hat Enterprise Linux Server 4 x86_64
Red Hat Enterprise Linux Server 4 ia64
Red Hat Enterprise Linux Server 4 i386
Red Hat Enterprise Linux Server 3 x86_64
Red Hat Enterprise Linux Server 3 ia64
Red Hat Enterprise Linux Server 3 i386
Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5 ia64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5 i386
Red Hat Enterprise Linux Workstation 5 x86_64
Red Hat Enterprise Linux Workstation 5 i386
Red Hat Enterprise Linux Workstation 4 x86_64
Red Hat Enterprise Linux Workstation 4 ia64
Red Hat Enterprise Linux Workstation 4 i386
Red Hat Enterprise Linux Workstation 3 x86_64
Red Hat Enterprise Linux Workstation 3 ia64
Red Hat Enterprise Linux Workstation 3 i386
Red Hat Enterprise Linux Desktop 5 x86_64
Red Hat Enterprise Linux Desktop 5 i386
Red Hat Enterprise Linux Desktop 4 x86_64
Red Hat Enterprise Linux Desktop 4 i386
Red Hat Enterprise Linux Desktop 3 x86_64
Red Hat Enterprise Linux Desktop 3 i386
Red Hat Enterprise Linux for IBM z Systems 5 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390
Red Hat Enterprise Linux for IBM z Systems 3 s390x
Red Hat Enterprise Linux for IBM z Systems 3 s390
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5 s390
Red Hat Enterprise Linux for Power, big endian 5 ppc
Red Hat Enterprise Linux for Power, big endian 4 ppc
Red Hat Enterprise Linux for Power, big endian 3 ppc
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.5 ppc
Red Hat Enterprise Linux Server from RHUI 5 x86_64
Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

BZ - 245991 - CVE-2007-3106 libvorbis array boundary condition
BZ - 249780 - CVE-2007-4065 Multiple libvorbis flaws (CVE-2007-4066, CVE-2007-4029)

CVEs

References

http://www.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
libvorbis-1.1.2-3.el5.0.src.rpm	SHA-256: 955f33a6c30c8ce4fba47c696769fa156a77ff9bbaeae5fe32281756a153a875
x86_64
libvorbis-1.1.2-3.el5.0.i386.rpm	SHA-256: f628e0398cdab9446f04152b7f051375b133d4a355ee4241ef439b0b2d1e6d6f
libvorbis-1.1.2-3.el5.0.x86_64.rpm	SHA-256: 0f1fee7f34367d4308df724dfe18d8490da211bf803a1c460972bed2da426697
libvorbis-devel-1.1.2-3.el5.0.i386.rpm	SHA-256: 1ae7f870fd1c611bb49ab0f3c8c29a1d036923b79b742792efd64b059596374e
libvorbis-devel-1.1.2-3.el5.0.x86_64.rpm	SHA-256: 5c7da6b84949ea899cb3e82757c0172156516c23e228f728be706587fca0c6cd
ia64
libvorbis-1.1.2-3.el5.0.ia64.rpm	SHA-256: e59ce394fa4a4c35cd79b048e2a3b79fd9163b453e6fdc348aa93cfab1e27edb
libvorbis-devel-1.1.2-3.el5.0.ia64.rpm	SHA-256: a3e37671eb5b32be55a2ff4d19bb9d065e044b1543cbfa951d01fc42962080b2
i386
libvorbis-1.1.2-3.el5.0.i386.rpm	SHA-256: f628e0398cdab9446f04152b7f051375b133d4a355ee4241ef439b0b2d1e6d6f
libvorbis-devel-1.1.2-3.el5.0.i386.rpm	SHA-256: 1ae7f870fd1c611bb49ab0f3c8c29a1d036923b79b742792efd64b059596374e

Red Hat Enterprise Linux Server 4

SRPM
libvorbis-1.1.0-2.el4.5.src.rpm	SHA-256: 885de3d9fd3fdf76b77b858ec93ff2fce559dd2cf6c2c33ada215f4b5a443466
x86_64
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-1.1.0-2.el4.5.x86_64.rpm	SHA-256: 067a498177c1f81f98e677b439672a300de2df2e666328acabb232d677045505
libvorbis-1.1.0-2.el4.5.x86_64.rpm	SHA-256: 067a498177c1f81f98e677b439672a300de2df2e666328acabb232d677045505
libvorbis-devel-1.1.0-2.el4.5.x86_64.rpm	SHA-256: 318539920c3336535156ef51f8fcb47c81e07dfb644ac2562460f0f31b0043d6
libvorbis-devel-1.1.0-2.el4.5.x86_64.rpm	SHA-256: 318539920c3336535156ef51f8fcb47c81e07dfb644ac2562460f0f31b0043d6
ia64
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-1.1.0-2.el4.5.ia64.rpm	SHA-256: 97946fda459c64c63f052232e059be64a7ede5ea307389ac7d72dc71a636e0e1
libvorbis-1.1.0-2.el4.5.ia64.rpm	SHA-256: 97946fda459c64c63f052232e059be64a7ede5ea307389ac7d72dc71a636e0e1
libvorbis-devel-1.1.0-2.el4.5.ia64.rpm	SHA-256: 51ec6bc22cf02bcf2c40eb14d9c734d3b79cac1cbc0627658b1fc55d0f6bfa17
libvorbis-devel-1.1.0-2.el4.5.ia64.rpm	SHA-256: 51ec6bc22cf02bcf2c40eb14d9c734d3b79cac1cbc0627658b1fc55d0f6bfa17
i386
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-devel-1.1.0-2.el4.5.i386.rpm	SHA-256: 5082cc60086a669f078e81b1187135b19e9e81cdcef22098c5c1403ab78b4cba
libvorbis-devel-1.1.0-2.el4.5.i386.rpm	SHA-256: 5082cc60086a669f078e81b1187135b19e9e81cdcef22098c5c1403ab78b4cba

Red Hat Enterprise Linux Server 3

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5

SRPM
libvorbis-1.1.0-2.el4.5.src.rpm	SHA-256: 885de3d9fd3fdf76b77b858ec93ff2fce559dd2cf6c2c33ada215f4b5a443466
x86_64
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-1.1.0-2.el4.5.x86_64.rpm	SHA-256: 067a498177c1f81f98e677b439672a300de2df2e666328acabb232d677045505
libvorbis-1.1.0-2.el4.5.x86_64.rpm	SHA-256: 067a498177c1f81f98e677b439672a300de2df2e666328acabb232d677045505
libvorbis-devel-1.1.0-2.el4.5.x86_64.rpm	SHA-256: 318539920c3336535156ef51f8fcb47c81e07dfb644ac2562460f0f31b0043d6
libvorbis-devel-1.1.0-2.el4.5.x86_64.rpm	SHA-256: 318539920c3336535156ef51f8fcb47c81e07dfb644ac2562460f0f31b0043d6
ia64
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-1.1.0-2.el4.5.ia64.rpm	SHA-256: 97946fda459c64c63f052232e059be64a7ede5ea307389ac7d72dc71a636e0e1
libvorbis-1.1.0-2.el4.5.ia64.rpm	SHA-256: 97946fda459c64c63f052232e059be64a7ede5ea307389ac7d72dc71a636e0e1
libvorbis-devel-1.1.0-2.el4.5.ia64.rpm	SHA-256: 51ec6bc22cf02bcf2c40eb14d9c734d3b79cac1cbc0627658b1fc55d0f6bfa17
libvorbis-devel-1.1.0-2.el4.5.ia64.rpm	SHA-256: 51ec6bc22cf02bcf2c40eb14d9c734d3b79cac1cbc0627658b1fc55d0f6bfa17
i386
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-devel-1.1.0-2.el4.5.i386.rpm	SHA-256: 5082cc60086a669f078e81b1187135b19e9e81cdcef22098c5c1403ab78b4cba
libvorbis-devel-1.1.0-2.el4.5.i386.rpm	SHA-256: 5082cc60086a669f078e81b1187135b19e9e81cdcef22098c5c1403ab78b4cba

Red Hat Enterprise Linux Workstation 5

SRPM
libvorbis-1.1.2-3.el5.0.src.rpm	SHA-256: 955f33a6c30c8ce4fba47c696769fa156a77ff9bbaeae5fe32281756a153a875
x86_64
libvorbis-1.1.2-3.el5.0.i386.rpm	SHA-256: f628e0398cdab9446f04152b7f051375b133d4a355ee4241ef439b0b2d1e6d6f
libvorbis-1.1.2-3.el5.0.x86_64.rpm	SHA-256: 0f1fee7f34367d4308df724dfe18d8490da211bf803a1c460972bed2da426697
libvorbis-devel-1.1.2-3.el5.0.i386.rpm	SHA-256: 1ae7f870fd1c611bb49ab0f3c8c29a1d036923b79b742792efd64b059596374e
libvorbis-devel-1.1.2-3.el5.0.x86_64.rpm	SHA-256: 5c7da6b84949ea899cb3e82757c0172156516c23e228f728be706587fca0c6cd
i386
libvorbis-1.1.2-3.el5.0.i386.rpm	SHA-256: f628e0398cdab9446f04152b7f051375b133d4a355ee4241ef439b0b2d1e6d6f
libvorbis-devel-1.1.2-3.el5.0.i386.rpm	SHA-256: 1ae7f870fd1c611bb49ab0f3c8c29a1d036923b79b742792efd64b059596374e

Red Hat Enterprise Linux Workstation 4

SRPM
libvorbis-1.1.0-2.el4.5.src.rpm	SHA-256: 885de3d9fd3fdf76b77b858ec93ff2fce559dd2cf6c2c33ada215f4b5a443466
x86_64
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-1.1.0-2.el4.5.x86_64.rpm	SHA-256: 067a498177c1f81f98e677b439672a300de2df2e666328acabb232d677045505
libvorbis-devel-1.1.0-2.el4.5.x86_64.rpm	SHA-256: 318539920c3336535156ef51f8fcb47c81e07dfb644ac2562460f0f31b0043d6
ia64
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-1.1.0-2.el4.5.ia64.rpm	SHA-256: 97946fda459c64c63f052232e059be64a7ede5ea307389ac7d72dc71a636e0e1
libvorbis-devel-1.1.0-2.el4.5.ia64.rpm	SHA-256: 51ec6bc22cf02bcf2c40eb14d9c734d3b79cac1cbc0627658b1fc55d0f6bfa17
i386
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-devel-1.1.0-2.el4.5.i386.rpm	SHA-256: 5082cc60086a669f078e81b1187135b19e9e81cdcef22098c5c1403ab78b4cba

Red Hat Enterprise Linux Workstation 3

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Desktop 5

SRPM
libvorbis-1.1.2-3.el5.0.src.rpm	SHA-256: 955f33a6c30c8ce4fba47c696769fa156a77ff9bbaeae5fe32281756a153a875
x86_64
libvorbis-1.1.2-3.el5.0.i386.rpm	SHA-256: f628e0398cdab9446f04152b7f051375b133d4a355ee4241ef439b0b2d1e6d6f
libvorbis-1.1.2-3.el5.0.x86_64.rpm	SHA-256: 0f1fee7f34367d4308df724dfe18d8490da211bf803a1c460972bed2da426697
i386
libvorbis-1.1.2-3.el5.0.i386.rpm	SHA-256: f628e0398cdab9446f04152b7f051375b133d4a355ee4241ef439b0b2d1e6d6f

Red Hat Enterprise Linux Desktop 4

SRPM
libvorbis-1.1.0-2.el4.5.src.rpm	SHA-256: 885de3d9fd3fdf76b77b858ec93ff2fce559dd2cf6c2c33ada215f4b5a443466
x86_64
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-1.1.0-2.el4.5.x86_64.rpm	SHA-256: 067a498177c1f81f98e677b439672a300de2df2e666328acabb232d677045505
libvorbis-devel-1.1.0-2.el4.5.x86_64.rpm	SHA-256: 318539920c3336535156ef51f8fcb47c81e07dfb644ac2562460f0f31b0043d6
i386
libvorbis-1.1.0-2.el4.5.i386.rpm	SHA-256: 73e029760a55a76c83065cf6fa15cfd2617989141fd6e75a027a90d08db94d34
libvorbis-devel-1.1.0-2.el4.5.i386.rpm	SHA-256: 5082cc60086a669f078e81b1187135b19e9e81cdcef22098c5c1403ab78b4cba

Red Hat Enterprise Linux Desktop 3

SRPM
x86_64
i386

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
libvorbis-1.1.2-3.el5.0.src.rpm	SHA-256: 955f33a6c30c8ce4fba47c696769fa156a77ff9bbaeae5fe32281756a153a875
s390x
libvorbis-1.1.2-3.el5.0.s390.rpm	SHA-256: 1e6767b6a2c876ac24aab9335e0cbf680d6558d06e70be277fb28835d7971f4f
libvorbis-1.1.2-3.el5.0.s390x.rpm	SHA-256: f4b46e707010f795f5616ce99375d118d18d9c6f500e0dee4c192bec7ccdb3ae
libvorbis-devel-1.1.2-3.el5.0.s390.rpm	SHA-256: c72afbc074d96eca28bf37b72a57b4e75085cda80b1f8a961dc1f81daef5835c
libvorbis-devel-1.1.2-3.el5.0.s390x.rpm	SHA-256: b9ee3e76272335488c1c28335e8f056582d76d7d23f33f02772644579e52df71

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
libvorbis-1.1.0-2.el4.5.src.rpm	SHA-256: 885de3d9fd3fdf76b77b858ec93ff2fce559dd2cf6c2c33ada215f4b5a443466
s390x
libvorbis-1.1.0-2.el4.5.s390.rpm	SHA-256: abc37b19ede1dbf7408c2a76081f5a6643ee5b009098d935230abbbf83c5c167
libvorbis-1.1.0-2.el4.5.s390x.rpm	SHA-256: e89a451d3b2436ead708eaa2600f99a83e52bd74016debabf86734c70b8d74f9
libvorbis-devel-1.1.0-2.el4.5.s390x.rpm	SHA-256: d0d1512b18e740792e0b5129889af5c06237cc4fdd11bc3138c76fe70be8c9fe
s390
libvorbis-1.1.0-2.el4.5.s390.rpm	SHA-256: abc37b19ede1dbf7408c2a76081f5a6643ee5b009098d935230abbbf83c5c167
libvorbis-devel-1.1.0-2.el4.5.s390.rpm	SHA-256: c29f33d442b6b5c4b9f833de1bc101d38ab69d30013379b8d9b44304a74fffe6

Red Hat Enterprise Linux for IBM z Systems 3

SRPM
s390x
s390

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5

SRPM
libvorbis-1.1.0-2.el4.5.src.rpm	SHA-256: 885de3d9fd3fdf76b77b858ec93ff2fce559dd2cf6c2c33ada215f4b5a443466
s390x
libvorbis-1.1.0-2.el4.5.s390.rpm	SHA-256: abc37b19ede1dbf7408c2a76081f5a6643ee5b009098d935230abbbf83c5c167
libvorbis-1.1.0-2.el4.5.s390x.rpm	SHA-256: e89a451d3b2436ead708eaa2600f99a83e52bd74016debabf86734c70b8d74f9
libvorbis-devel-1.1.0-2.el4.5.s390x.rpm	SHA-256: d0d1512b18e740792e0b5129889af5c06237cc4fdd11bc3138c76fe70be8c9fe
s390
libvorbis-1.1.0-2.el4.5.s390.rpm	SHA-256: abc37b19ede1dbf7408c2a76081f5a6643ee5b009098d935230abbbf83c5c167
libvorbis-devel-1.1.0-2.el4.5.s390.rpm	SHA-256: c29f33d442b6b5c4b9f833de1bc101d38ab69d30013379b8d9b44304a74fffe6

Red Hat Enterprise Linux for Power, big endian 5

SRPM
libvorbis-1.1.2-3.el5.0.src.rpm	SHA-256: 955f33a6c30c8ce4fba47c696769fa156a77ff9bbaeae5fe32281756a153a875
ppc
libvorbis-1.1.2-3.el5.0.ppc.rpm	SHA-256: 670a7f7f2d4ee66937f1381830fa9466b684961dc5bb3a25b55e57da8b0e6d0d
libvorbis-1.1.2-3.el5.0.ppc64.rpm	SHA-256: 0f859a772b492c3e19d78896fee1ac2441d1baab11612cf960dfdfbef5c67b58
libvorbis-devel-1.1.2-3.el5.0.ppc.rpm	SHA-256: 628f5d6de60a4829670e8002ca51c441e7e19cb023fd0926a29fe9a59fa8946b
libvorbis-devel-1.1.2-3.el5.0.ppc64.rpm	SHA-256: 543d225a5f3f7461ee68d7cf0261b56122b179f01c9836cf3cae075ad27700b9

Red Hat Enterprise Linux for Power, big endian 4

SRPM
libvorbis-1.1.0-2.el4.5.src.rpm	SHA-256: 885de3d9fd3fdf76b77b858ec93ff2fce559dd2cf6c2c33ada215f4b5a443466
ppc
libvorbis-1.1.0-2.el4.5.ppc.rpm	SHA-256: 5c0f49e5932c580e086b8e5ce735e84ee30540493417cb07c66373d7e66fc9ef
libvorbis-1.1.0-2.el4.5.ppc64.rpm	SHA-256: fa17ca6474e352601da5bd929a98138b42cc9126e5747c320be7d92f18ecd591
libvorbis-devel-1.1.0-2.el4.5.ppc.rpm	SHA-256: 80ad21099735adab5571bbf4ca71f6d8cc210a76563b8541120c40fb55f1ef72

Red Hat Enterprise Linux for Power, big endian 3

SRPM
ppc

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.5

SRPM
libvorbis-1.1.0-2.el4.5.src.rpm	SHA-256: 885de3d9fd3fdf76b77b858ec93ff2fce559dd2cf6c2c33ada215f4b5a443466
ppc
libvorbis-1.1.0-2.el4.5.ppc.rpm	SHA-256: 5c0f49e5932c580e086b8e5ce735e84ee30540493417cb07c66373d7e66fc9ef
libvorbis-1.1.0-2.el4.5.ppc64.rpm	SHA-256: fa17ca6474e352601da5bd929a98138b42cc9126e5747c320be7d92f18ecd591
libvorbis-devel-1.1.0-2.el4.5.ppc.rpm	SHA-256: 80ad21099735adab5571bbf4ca71f6d8cc210a76563b8541120c40fb55f1ef72

Red Hat Enterprise Linux Server from RHUI 5

SRPM
libvorbis-1.1.2-3.el5.0.src.rpm	SHA-256: 955f33a6c30c8ce4fba47c696769fa156a77ff9bbaeae5fe32281756a153a875
x86_64
libvorbis-1.1.2-3.el5.0.i386.rpm	SHA-256: f628e0398cdab9446f04152b7f051375b133d4a355ee4241ef439b0b2d1e6d6f
libvorbis-1.1.2-3.el5.0.x86_64.rpm	SHA-256: 0f1fee7f34367d4308df724dfe18d8490da211bf803a1c460972bed2da426697
libvorbis-devel-1.1.2-3.el5.0.i386.rpm	SHA-256: 1ae7f870fd1c611bb49ab0f3c8c29a1d036923b79b742792efd64b059596374e
libvorbis-devel-1.1.2-3.el5.0.x86_64.rpm	SHA-256: 5c7da6b84949ea899cb3e82757c0172156516c23e228f728be706587fca0c6cd
i386
libvorbis-1.1.2-3.el5.0.i386.rpm	SHA-256: f628e0398cdab9446f04152b7f051375b133d4a355ee4241ef439b0b2d1e6d6f
libvorbis-devel-1.1.2-3.el5.0.i386.rpm	SHA-256: 1ae7f870fd1c611bb49ab0f3c8c29a1d036923b79b742792efd64b059596374e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.