These are all security issues fixed in the libvorbis-devel-1.3.7-1.6 package on the GA media of openSUSE Tumbleweed.
{ "binaries": [ { "libvorbis-devel": "1.3.7-1.6", "libvorbis-devel-32bit": "1.3.7-1.6", "libvorbisfile3": "1.3.7-1.6", "libvorbis0-32bit": "1.3.7-1.6", "libvorbisfile3-32bit": "1.3.7-1.6", "libvorbisenc2-32bit": "1.3.7-1.6", "libvorbisenc2": "1.3.7-1.6", "libvorbis0": "1.3.7-1.6" } ] }