Opened 9 years ago
Closed 9 years ago
#7161 closed enhancement (fixed)
libsndfile-1.0.26
Reported by: | Fernando de Oliveira | Owned by: | Fernando de Oliveira |
---|---|---|---|
Priority: | high | Milestone: | 7.9 |
Component: | BOOK | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description
Security Update
CVE-2014-9496, CVE-2014-9756, CVE-2015-7805
http://www.mega-nerd.com/libsndfile/files/libsndfile-1.0.26.tar.gz
http://www.mega-nerd.com/libsndfile/files/libsndfile-1.0.26.tar.gz.asc
http://www.mega-nerd.com/libsndfile/NEWS
or
http://permalink.gmane.org/gmane.comp.audio.libsndfile.devel/705
Erik de Castro Lopo | 22 Nov 20:31 2015 Version 1.0.26 released Hi all, After an embarrasingly long time between releases, I am pleased to announce the release of libsndfile 1.0.26. Main things of note are: * Fix for CVE-2014-9496, SD2 buffer read overflow. * Fix for CVE-2014-9756, file_io.c divide by zero. * Fix for CVE-2015-7805, AIFF heap write overflow. * Add support for ALAC encoder in a CAF container. * Add support for Cart chunks in WAV files. * Minor bug fixes and improvements. Its available here: http://www.mega-nerd.com/libsndfile/#Download Cheers, Erik
Change History (2)
comment:1 by , 9 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:2 by , 9 years ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Fixed at r16683.