Debian
audiofile package

audiofile 0.3.6-2+deb8u2 source package in Debian

Changelog

audiofile (0.3.6-2+deb8u2) jessie-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Address several vulnerabilities (Closes: #857651)
    - Always check the number of coefficients (CVE-2017-6827 CVE-2017-6828
      CVE-2017-6832 CVE-2017-6833 CVE-2017-6835 CVE-2017-6837)
    - clamp index values to fix index overflow in IMA.cpp (CVE-2017-6829)
    - Check for multiplication overflow in sfconvert (CVE-2017-6830
      CVE-2017-6834 CVE-2017-6836 CVE-2017-6838)
    - Actually fail when error occurs in parseFormat (CVE-2017-6831)
    - Check for multiplication overflow in MSADPCM decodeSample
      (CVE-2017-6839)
  * Fix signature of multiplyCheckOverflow. It returns a bool, not an int
  * Check for division by zero in BlockCodec::runPull

 -- Salvatore Bonaccorso <email address hidden>  Sat, 18 Mar 2017 19:28:56 +0100

Upload details

Uploaded by:
Debian Multimedia Maintainers
Uploaded to:
Jessie
Original maintainer:
Debian Multimedia Maintainers
Architectures:
any
Section:
libs
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Jessie release main libs

Builds

Downloads

File Size SHA-256 Checksum
audiofile_0.3.6-2+deb8u2.dsc 2.3 KiB 381b03e1b3f7270bcca367769b685e3e6a461cfb5a9ff2f30a72bf9e60205e6b
audiofile_0.3.6.orig.tar.gz 792.7 KiB cdc60df19ab08bfe55344395739bb08f50fc15c92da3962fac334d3bff116965
audiofile_0.3.6-2+deb8u2.debian.tar.xz 15.1 KiB 6f08b8d898317e92b42722f8040d1c6c42ceb717068f40b66251486656910738

No changes file available.

Binary packages built by this source