Opened 9 years ago

Closed 9 years ago

#7161 closed enhancement (fixed)

libsndfile-1.0.26

Reported by: Fernando de Oliveira Owned by: Fernando de Oliveira
Priority: high Milestone: 7.9
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

Security Update

CVE-2014-9496, CVE-2014-9756, CVE-2015-7805

http://www.mega-nerd.com/libsndfile/files/libsndfile-1.0.26.tar.gz

http://www.mega-nerd.com/libsndfile/files/libsndfile-1.0.26.tar.gz.asc

http://www.mega-nerd.com/libsndfile/NEWS

or

http://permalink.gmane.org/gmane.comp.audio.libsndfile.devel/705

Erik de Castro Lopo | 22 Nov 20:31 2015

Version 1.0.26 released

Hi all,

After an embarrasingly long time between releases, I am pleased to
announce the release of libsndfile 1.0.26.

Main things of note are:

  * Fix for CVE-2014-9496, SD2 buffer read overflow.
  * Fix for CVE-2014-9756, file_io.c divide by zero.
  * Fix for CVE-2015-7805, AIFF heap write overflow.
  * Add support for ALAC encoder in a CAF container.
  * Add support for Cart chunks in WAV files.
  * Minor bug fixes and improvements.

Its available here:

    http://www.mega-nerd.com/libsndfile/#Download

Cheers,
Erik

Change History (2)

comment:1 by Fernando de Oliveira, 9 years ago

Owner: changed from blfs-book@… to Fernando de Oliveira
Status: newassigned

comment:2 by Fernando de Oliveira, 9 years ago

Resolution: fixed
Status: assignedclosed

Fixed at r16683.

Note: See TracTickets for help on using tickets.