libsndfile 1.0.17-4ubuntu0.8.04.2 source package in Ubuntu

Changelog

libsndfile (1.0.17-4ubuntu0.8.04.2) hardy-security; urgency=low

  * SECURITY UPDATE: fix heap overflows when processing crafted VOC and AIFF
    headers
    - debian/patches/security_CVE-2009-1788+1791.dpatch: adjust
      voc_read_header() in voc.c to verify the user controlled size before
      using psf_binheader_readf(). Do the same for aiff_read_header() in
      aiff.c for pstr_len.
    - CVE-2009-1788
    - CVE-2009-1791

 -- Jamie Strandboge <email address hidden>   Wed, 07 Oct 2009 15:46:58 -0500

Upload details

Uploaded by:
Jamie Strandboge
Uploaded to:
Hardy
Original maintainer:
Ubuntu Development Team
Architectures:
any
Section:
devel
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
libsndfile_1.0.17.orig.tar.gz 800.2 KiB 1792e4e60386b450ef8ec07c756e8f3ecfe96ebda7d0b09148da5f436d065ef2
libsndfile_1.0.17-4ubuntu0.8.04.2.diff.gz 10.7 KiB dcf119ecb9da9d2ba18ba72c8ce941db7b5bacca7d588023be020580c4b0d5b5
libsndfile_1.0.17-4ubuntu0.8.04.2.dsc 824 bytes debc666fde20f26c706509c519e1060d7fa30b07a0d0df59cd720a7edb1f3568

View changes file

Binary packages built by this source

libsndfile1: No summary available for libsndfile1 in ubuntu hardy.

No description available for libsndfile1 in ubuntu hardy.

libsndfile1-dev: No summary available for libsndfile1-dev in ubuntu hardy.

No description available for libsndfile1-dev in ubuntu hardy.

sndfile-programs: No summary available for sndfile-programs in ubuntu hardy.

No description available for sndfile-programs in ubuntu hardy.