File _patchinfo of Package patchinfo.4624
<patchinfo incident="4624"> <issue id="1036943" tracker="bnc">VUL-1: CVE-2017-8362: libsndfile: invalid memory read in flac_buffer_copy (flac.c)</issue> <issue id="1033914" tracker="bnc">VUL-0: CVE-2017-7742: libsndfile: versions before 1.0.28, function flac_buffer_copy() read memory access issue</issue> <issue id="1033915" tracker="bnc">VUL-0: CVE-2017-7741: libsndfile: versions before 1.0.28 have write memory access issue on function flac_buffer_copy()</issue> <issue id="1036946" tracker="bnc">VUL-0: CVE-2017-8365: libsndfile: global buffer overflow in i2les_array (pcm.c)</issue> <issue id="1036944" tracker="bnc">VUL-1: CVE-2017-8361: libsndfile: global buffer overflow in flac_buffer_copy (flac.c)</issue> <issue id="1036945" tracker="bnc">VUL-0: CVE-2017-8363: libsndfile: heap-based buffer overflow in flac_buffer_copy (flac.c)</issue> <issue id="1033054" tracker="bnc">VUL-1: CVE-2017-7585, CVE-2017-7741, CVE-2017-7742: libsndfile: stack-based buffer overflow via a specially crafted FLAC file (error in the "flac_buffer_copy()" function)</issue> <issue id="1038856" tracker="bnc">Memory leaks in libsndfile</issue> <issue id="2017-8365" tracker="cve" /> <issue id="2017-8363" tracker="cve" /> <issue id="2017-8362" tracker="cve" /> <issue id="2017-8361" tracker="cve" /> <issue id="2017-7741" tracker="cve" /> <issue id="2017-7742" tracker="cve" /> <issue id="2017-7585" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>tiwai</packager> <summary>Security update for libsndfile</summary> <description> This update for libsndfile fixes the following issues: - CVE-2017-8361: Global buffer overflow in flac_buffer_copy. (bsc#1036946) - CVE-2017-8362: Invalid memory read in flac_buffer_copy. (bsc#1036943) - CVE-2017-8363: Heap-based buffer overflow in flac_buffer_copy. (bsc#1036945) - CVE-2017-7585, CVE-2017-7741, CVE-2017-7742: Stack-based buffer overflows via specially crafted FLAC files. (bsc#1033054) </description> </patchinfo>
