libsndfile 1.0.17-4ubuntu0.8.04.2 source package in Ubuntu
Changelog
libsndfile (1.0.17-4ubuntu0.8.04.2) hardy-security; urgency=low
* SECURITY UPDATE: fix heap overflows when processing crafted VOC and AIFF
headers
- debian/patches/security_CVE-2009-1788+1791.dpatch: adjust
voc_read_header() in voc.c to verify the user controlled size before
using psf_binheader_readf(). Do the same for aiff_read_header() in
aiff.c for pstr_len.
- CVE-2009-1788
- CVE-2009-1791
-- Jamie Strandboge <email address hidden> Wed, 07 Oct 2009 15:46:58 -0500
Upload details
- Uploaded by:
- Jamie Strandboge
- Uploaded to:
- Hardy
- Original maintainer:
- Ubuntu Development Team
- Architectures:
- any
- Section:
- devel
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libsndfile_1.0.17.orig.tar.gz | 800.2 KiB | 1792e4e60386b450ef8ec07c756e8f3ecfe96ebda7d0b09148da5f436d065ef2 |
| libsndfile_1.0.17-4ubuntu0.8.04.2.diff.gz | 10.7 KiB | dcf119ecb9da9d2ba18ba72c8ce941db7b5bacca7d588023be020580c4b0d5b5 |
| libsndfile_1.0.17-4ubuntu0.8.04.2.dsc | 824 bytes | debc666fde20f26c706509c519e1060d7fa30b07a0d0df59cd720a7edb1f3568 |
Available diffs
Binary packages built by this source
- libsndfile1: No summary available for libsndfile1 in ubuntu hardy.
No description available for libsndfile1 in ubuntu hardy.
- libsndfile1-dev: No summary available for libsndfile1-dev in ubuntu hardy.
No description available for libsndfile1-dev in ubuntu hardy.
- sndfile-programs: No summary available for sndfile-programs in ubuntu hardy.
No description available for sndfile-programs in ubuntu hardy.
