Opened 10 years ago
Closed 10 years ago
#7161 closed enhancement (fixed)
libsndfile-1.0.26
| Reported by: | Fernando de Oliveira | Owned by: | Fernando de Oliveira |
|---|---|---|---|
| Priority: | high | Milestone: | 7.9 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
Security Update
CVE-2014-9496, CVE-2014-9756, CVE-2015-7805
http://www.mega-nerd.com/libsndfile/files/libsndfile-1.0.26.tar.gz
http://www.mega-nerd.com/libsndfile/files/libsndfile-1.0.26.tar.gz.asc
http://www.mega-nerd.com/libsndfile/NEWS
or
http://permalink.gmane.org/gmane.comp.audio.libsndfile.devel/705
Erik de Castro Lopo | 22 Nov 20:31 2015
Version 1.0.26 released
Hi all,
After an embarrasingly long time between releases, I am pleased to
announce the release of libsndfile 1.0.26.
Main things of note are:
* Fix for CVE-2014-9496, SD2 buffer read overflow.
* Fix for CVE-2014-9756, file_io.c divide by zero.
* Fix for CVE-2015-7805, AIFF heap write overflow.
* Add support for ALAC encoder in a CAF container.
* Add support for Cart chunks in WAV files.
* Minor bug fixes and improvements.
Its available here:
http://www.mega-nerd.com/libsndfile/#Download
Cheers,
Erik
Change History (2)
comment:1 by , 10 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 10 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Fixed at r16683.