UbuntuUpdates.org

Package "libsndfile"

Name: libsndfile

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Sample programs that use libsndfile
Latest version: 1.0.31-2ubuntu0.2
Release: jammy (22.04)
Level: updates
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "libsndfile" in Jammy

Repository Area Version
base main 1.0.31-2build1
base universe 1.0.31-2build1
security universe 1.0.31-2ubuntu0.2
security main 1.0.31-2ubuntu0.2
updates main 1.0.31-2ubuntu0.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.0.31-2ubuntu0.2 2025-02-19 01:06:55 UTC

  libsndfile (1.0.31-2ubuntu0.2) jammy-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2021-4156.patch: addresses improper buffer reusing
    - CVE-2021-4156
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2024-50612.patch: adds better error checking for
      vorbis.
    - CVE-2024-50612

 -- Ian Constantin <email address hidden> Wed, 12 Feb 2025 23:51:50 +0200
Source diff to previous version
CVE-2021-4156 An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricki
CVE-2024-50612 libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.

Version: 1.0.31-2ubuntu0.1 2023-11-03 00:08:47 UTC

  libsndfile (1.0.31-2ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: integer overflow vulnerability
    - debian/patches/CVE-2022-33065/CVE-2022-33065-*.patch: fix various
      numeric overflow vulnerabilities.
    - CVE-2022-33065

 -- Fabian Toepfer <email address hidden> Thu, 02 Nov 2023 16:42:46 +0100
CVE-2022-33065 Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile,


About   -   Send Feedback to @ubuntu_updates