Bob Clary, Dan Kaminsky and David Keeler discovered that in libtheora, a
video library part of the Ogg project, several flaws allow
context-dependent attackers via a large and specially crafted media
file, to cause a denial of service (crash of the player using this
library), and possibly arbitrary code execution.
For the stable distribution (lenny), this problem has been fixed in
version 1.0~beta3-1+lenny1.
For the testing distribution (squeeze), this problem has been fixed in
version 1.1.0-1.
For the unstable distribution (sid), this problem has been fixed in
version 1.1.0-1.
We recommend that you upgrade your libtheora packages.