vorbis 1.3.7

libvorbis 1.3.7 (2020-07-04) -- "Xiph.Org libVorbis I 20200704 (Reducing Environment)"

• Fix CVE-2018-10393 - out-of-bounds read encoding very low sample rates.
• Fix CVE-2017-14160 - out-of-bounds read encoding very low sample rates.
• Fix CVE-2018-10392 - out-of-bounds access encoding invalid channel count.
• Fix handling invalid bytes per sample arguments.
• Fix handling invalid channel count arguments.
• Fix invalid free on seek failure.
• Fix negative shift reading blocksize.
• Fix accepting unreasonable float32 values.
• Fix tag comparison depending on locale.
• Fix unnecessarily linking libm.
• Fix memory leak in test_sharedbook.
• Update Visual Studio projects for ogg library filename change.
• Distribute CMake build files with the source package.
• Remove unnecessary configure --target switch.
• Add gitlab CI support.
• Add OSS-Fuzz support.
• Build system and integration updates.

Source package checksums

b33cc4934322bcbf6efcbacf49e3ca01aadbea4114ec9589d1b1e9d20f72954b  libvorbis-1.3.7.tar.xz
0e982409a9c3fc82ee06e08205b1355e5c6aa4c36bca58146ef399621b0ce5ab  libvorbis-1.3.7.tar.gz
57c8bc92d2741934b8dc939af49c2639edc44b8879cba2ec14ad3189e2814582  libvorbis-1.3.7.zip