Opened 8 years ago

Closed 8 years ago

#7161 closed enhancement (fixed)


Reported by: Fernando de Oliveira Owned by: Fernando de Oliveira
Priority: high Milestone: 7.9
Component: BOOK Version: SVN
Severity: normal Keywords:


Security Update

CVE-2014-9496, CVE-2014-9756, CVE-2015-7805


Erik de Castro Lopo | 22 Nov 20:31 2015

Version 1.0.26 released

Hi all,

After an embarrasingly long time between releases, I am pleased to
announce the release of libsndfile 1.0.26.

Main things of note are:

  * Fix for CVE-2014-9496, SD2 buffer read overflow.
  * Fix for CVE-2014-9756, file_io.c divide by zero.
  * Fix for CVE-2015-7805, AIFF heap write overflow.
  * Add support for ALAC encoder in a CAF container.
  * Add support for Cart chunks in WAV files.
  * Minor bug fixes and improvements.

Its available here:


Change History (2)

comment:1 by Fernando de Oliveira, 8 years ago

Owner: changed from blfs-book@… to Fernando de Oliveira
Status: newassigned

comment:2 by Fernando de Oliveira, 8 years ago

Resolution: fixed
Status: assignedclosed

Fixed at r16683.

Note: See TracTickets for help on using tickets.