[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 985-1] libsndfile security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libsndfile
Version        : 1.0.25-9.1+deb7u3
CVE ID         : CVE-2017-6892
Debian Bug     : #864704

It was discovered that there was a vulnerability in libsndfile, a library for
reading/writing audio files. A specially-crafted AIFF ("Audio Interchange File
Format") file could result in an out-of-bounds memory read.

For Debian 7 "Wheezy", this issue has been fixed in libsndfile version
1.0.25-9.1+deb7u3.

We recommend that you upgrade your libsndfile packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAllB0jYACgkQHpU+J9Qx
HliP4RAAufAx/sudTBUhbRT/J3QviNq+yULSuK4eQHTlajMC+/GMM305Sa6FqVj3
f4lP9YKfwFdJWj6gxCpw4CloF/egPaiQRUtjtWKCdzK/5Tiffe7gCivQMfVsDAVk
91JZmE9+ZFgLpwuW9udiGa9GJRWz9ETMapll0T7beJ812N79koKBagz4ubNt513w
XmQqJAtt4Pz+0gr5mkID3cqqq4ouitAER929BT/rJ0Q4iQWB4UKLPIGfGteuA6rc
DjwJs5Hobsf2zeCQ5om1l2kaYzk21rReEZ8D38TFWDr7qmjBHcfx0C55h0a8hpFQ
CSEl3Kdcfyosth4s1QCm3MelztiOIjPByECr4R0DHDvkUnGD6ClTtCTGoD2BMAYZ
97pdXR90C2ExcUF5Zs/CmvxXQYVH29H7ZEiOJnOnJwE0sJKnPlYOXr3bpJhJu+3/
JBXkDN+vGSAWrBBp0hAWwmldxkkmVO6A/A0VX+jpmh19tASKOxHNhoXVTXfxZmEW
eVw9pm/0OdceGyWOaY1UHidtNb24VfOzw0kKtmeS0FzZsGkBq66qHBbSj+wUEjEi
j5etjpYFIwPWxUPO+xYBG0/e1IBk1XOgcqQBtEk+985+VN7E3dhaSOtS9VNH7LXH
DGm3km+L4eVeWgU3R6I1DmkogpgRjHJde/YP8TGtjrOHjJxXRPo=
=3Jt9
-----END PGP SIGNATURE-----


Reply to: