-
audiofile (0.3.6-2ubuntu0.14.04.3) trusty-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-13440.patch: fix in
libaudiofile/modules/ModuleState.cpp.
- CVE-2018-13440
* SECURITY UPDATE: Heap-based buffer overflow
- debian/patches/CVE-2018-17095.patch: fix in
libaudiofile/modules/SimpleModule.cpp.
- CVE-2018-17095
-- <email address hidden> (Leonidas S. Barbosa) Tue, 23 Oct 2018 15:12:20 -0300
-
audiofile (0.3.6-2ubuntu0.14.04.2) trusty-security; urgency=high
* SECURITY UPDATE: multiple vulnerabilities (LP: #1674005)
- Apply patches from Debian 0.3.6-4:
+ 04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
+ 05_Always-check-the-number-of-coefficients.patch
+ 06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch
+ 07_Check-for-multiplication-overflow-in-sfconvert.patch
+ 08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch
+ 09_Actually-fail-when-error-occurs-in-parseFormat.patch
+ 10_Check-for-division-by-zero-in-BlockCodec-runPull.patch
- CVE-2017-6827, CVE-2017-6828, CVE-2017-6829, CVE-2017-6830,
CVE-2017-6831, CVE-2017-6832, CVE-2017-6833, CVE-2017-6834,
CVE-2017-6835, CVE-2017-6836, CVE-2017-6837, CVE-2017-6838,
CVE-2017-6839
-- Jeremy Bicha <email address hidden> Thu, 16 Mar 2017 21:43:45 +0100
-
audiofile (0.3.6-2ubuntu0.14.04.1) trusty-security; urgency=medium
* SECURITY UPDATE: buffer overflow when changing both sample format and
number of channels (LP: #1502721)
- debian/patches/CVE-2015-7747.patch: don't corrupt files in
libaudiofile/modules/ModuleState.cpp, added test to test/Makefile.am,
test/sixteen-stereo-to-eight-mono.c.
- CVE-2015-7747
-- Marc Deslauriers <email address hidden> Tue, 20 Oct 2015 07:57:26 -0400
-
audiofile (0.3.6-2) unstable; urgency=low
* Upload to unstable.
-- Alessio Treglia <email address hidden> Tue, 07 May 2013 09:19:52 +0200
