Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for libsndfile

This update for libsndfile fixes the following security issues:

- CVE-2017-7586: A stack-based buffer overflow via a specially crafted FLAC
file was fixed (error in the "header_read()" function) (bsc#1033053)
- CVE-2017-7585,CVE-2017-7741, CVE-2017-7742: Several stack-based buffer overflows via a specially crafted FLAC
file (error in the "flac_buffer_copy()" function) were fixed (bsc#1033054,bsc#1033915,bsc#1033914).

This update was imported from the SUSE:SLE-12:Update update project.

Fixed bugs
bnc#1033054
VUL-1: CVE-2017-7585: libsndfile: stack-based buffer overflow via a specially crafted FLAC file (error in the "flac_buffer_copy()" function)
bnc#1033053
VUL-1: CVE-2017-7586: libsndfile: stack-based buffer overflow via a specially crafted FLAC file (error in the "header_read()" function)
bnc#1033914
VUL-0: CVE-2017-7742: libsndfile: versions before 1.0.28, function flac_buffer_copy() read memory access issue
bnc#1033915
VUL-0: CVE-2017-7741: libsndfile: versions before 1.0.28 have write memory access issue on function flac_buffer_copy()
CVE-2017-7586
CVE-2017-7585
CVE-2017-7741
CVE-2017-7742
Selected Binaries
openSUSE Build Service is sponsored by
Places