Debian Liboggplay vulnerabilities

CVE-2009-3388 [CRITICAL] CVE-2009-3388: liboggplay - liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before 2.0.1 migh... liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before 2.0.1 might allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to "memory safety issues." Scope: local bookworm: resolved (fixed in 0.2.1~git20091227-1.1) bullseye: resolved (fixed in 0.2.1~git20091227-

CVE-2009-3378 [CRITICAL] CVE-2009-3378: liboggplay - The oggplay_data_handle_theora_frame function in media/liboggplay/src/liboggplay... The oggplay_data_handle_theora_frame function in media/liboggplay/src/liboggplay/oggplay_data.c in liboggplay, as used in Mozilla Firefox 3.5.x before 3.5.4, attempts to reuse an earlier frame data structure upon encountering a decoding error for the first frame, which allows remote attackers to cause a denial of service (NULL pointer dereference and applicatio