A flaw was found in libvorbis 1.3.5. The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 can cause a denial of service(OOM) via a crafted wav file. References: http://seclists.org/fulldisclosure/2017/Jul/82
Created libvorbis tracking bugs for this issue: Affects: fedora-all [bug 1480650] Created mingw-libvorbis tracking bugs for this issue: Affects: epel-7 [bug 1480649] Affects: fedora-all [bug 1480648]