-
libsndfile (1.0.25-10ubuntu0.16.04.3) xenial-security; urgency=medium
* SECURITY UPDATE: Heap-based buffer overflow
- debian/patches/CVE-2017-12562.patch: Size buffer correctly in
src/common.c to prevent buffer overflows.
- CVE-2017-12562
-- Avital Ostromich <email address hidden> Thu, 14 Jan 2021 19:46:45 -0500
-
libsndfile (1.0.25-10ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: multiple security issues
- debian/patches/*.patch: sync multiple security patches with 1.0.28-6.
- CVE-2017-6892, CVE-2017-14245, CVE-2017-14246, CVE-2017-14634,
CVE-2017-16942, CVE-2017-17456, CVE-2017-17457, CVE-2018-13139,
CVE-2018-19432, CVE-2018-19661, CVE-2018-19662, CVE-2018-19758,
CVE-2019-3832
-- Marc Deslauriers <email address hidden> Fri, 07 Jun 2019 14:35:20 -0400
-
libsndfile (1.0.25-10ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: multiple security issues
- debian/patches/*: synchronize security fixes with Debian's
1.0.25-9.1+deb7u2 release. Thanks!
- CVE-2017-7585, CVE-2017-7586, CVE-2017-7741, CVE-2017-7742,
CVE-2017-8361, CVE-2017-8362, CVE-2017-8363, CVE-2017-8365
-- Marc Deslauriers <email address hidden> Wed, 31 May 2017 09:38:37 -0400
-
libsndfile (1.0.25-10) unstable; urgency=low
* debian/patches :
- Add 02_sd2_buffer_read_overflow.diff (CVE-2014-9496, closes: #774162).
- Add 03_file_io_divide_by_zero.diff (CVE-2014-9756, closes: #804447).
- Add 04_fix_aiff_heap_overflow.diff (CVE-2015-7805, closes: #804445).
* debian/control: Standards version 3.9.6. No changes needed.
-- Erik de Castro Lopo <email address hidden> Tue, 10 Nov 2015 20:36:47 +1100
-
libsndfile (1.0.25-9.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* Fix CVE-2014-9496: buffer overread issues (closes: #774162).
-- Michael Gilbert <email address hidden> Mon, 26 Jan 2015 01:32:01 +0000
