Changelog
libsndfile (1.0.18-2+squeeze1) testing-security; urgency=high
* Non-maintainer upload by the Testing Security Team.
* Upload to testing due to several issues blocking migration of new release
* The following issues are fixed:
- CVE-2009-1788: heap-based buffer overflow in voc_read_header
leading to arbitrary code execution via crafted VOC headers.
- CVE-2009-1791: heap-based buffer overflow in aiff_read_header
leading to arbitrary code execution via crafted AIFF headers.
(Closes: #528650).
- CVE-2009-0186: integer overflow leading to a heap-based buffer overflow
via a crafted CAF file by limiting the number of channels per frame.
-- Raphael Geissert <email address hidden> Fri, 11 Sep 2009 21:50:21 -0500