These are all security issues fixed in the vorbis-tools-1.4.0-22.6 package on the GA media of openSUSE Tumbleweed.
{ "binaries": [ { "vorbis-tools": "1.4.0-22.6", "vorbis-tools-lang": "1.4.0-22.6" } ] }