Package "libsndfile1-dev"
Name: |
libsndfile1-dev
|
Description: |
Development files for libsndfile; a library for reading/writing audio files
|
Latest version: |
1.0.25-4ubuntu0.1 |
Release: |
precise (12.04) |
Level: |
updates |
Repository: |
main |
Head package: |
libsndfile |
Homepage: |
http://www.mega-nerd.com/libsndfile/ |
Links
Download "libsndfile1-dev"
Other versions of "libsndfile1-dev" in Precise
Changelog
libsndfile (1.0.25-4ubuntu0.1) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via segfault in SD2 RSRC parser
- debian/patches/01_sd2_rsrc_segfault.diff: check bounds in src/sd2.c.
* SECURITY UPDATE: denial of service via out-of-bounds read
- debian/patches/CVE-2014-9496.patch: check map offset and rsrc marker
in src/sd2.c.
- CVE-2014-9496
* SECURITY UPDATE: denial of service via division-by-zero
- debian/patches/CVE-2014-9756.patch: check bytes and items in
src/file_io.c.
- CVE-2014-9756
* SECURITY UPDATE: heap overflow via AIFF file headindex value
- debian/patches/CVE-2015-7805.patch: use headend in src/common.c.
- CVE-2015-7805
-- Marc Deslauriers Mon, 07 Dec 2015 10:06:39 -0500
|
CVE-2014-9496 |
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rs |
CVE-2014-9756 |
The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via uns |
CVE-2015-7805 |
Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF f |
|
About
-
Send Feedback to @ubuntu_updates