Overview

File _patchinfo of Package patchinfo.4606

<patchinfo incident="4606">
  <issue id="1033054" tracker="bnc">VUL-1: CVE-2017-7585: libsndfile: stack-based buffer overflow via a specially crafted FLAC file (error in the "flac_buffer_copy()" function)</issue>
  <issue id="1033053" tracker="bnc">VUL-1: CVE-2017-7586: libsndfile: stack-based buffer overflow via a specially crafted FLAC file (error in the "header_read()" function)</issue>
  <issue id="1033914" tracker="bnc">VUL-0: CVE-2017-7742: libsndfile: versions before 1.0.28, function flac_buffer_copy() read memory access issue</issue>
  <issue id="1033915" tracker="bnc">VUL-0: CVE-2017-7741: libsndfile: versions before 1.0.28 have write memory access issue on function flac_buffer_copy()</issue>
  <issue id="2017-7586" tracker="cve" />
  <issue id="2017-7585" tracker="cve" />
  <issue id="2017-7741" tracker="cve" />
  <issue id="2017-7742" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>tiwai</packager>
  <description>
This update for libsndfile fixes the following security issues:

- CVE-2017-7586: A stack-based buffer overflow via a specially crafted FLAC
  file was fixed (error in the "header_read()" function) (bsc#1033053)
- CVE-2017-7585,CVE-2017-7741, CVE-2017-7742: Several stack-based buffer overflows via a specially crafted FLAC
  file (error in the "flac_buffer_copy()" function) were fixed (bsc#1033054,bsc#1033915,bsc#1033914).
</description>
  <summary>Security update for libsndfile</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places