Overview

File _patchinfo of Package patchinfo.4174

<patchinfo incident="4174">
  <issue id="953516" tracker="bnc">VUL-0: CVE-2015-7805:  libsndfile: 1.0.25 heap overflow</issue>
  <issue id="953519" tracker="bnc">VUL-0: CVE-2015-8075: libsndfile 1.0.25 heap overflow</issue>
  <issue id="953521" tracker="bnc">VUL-1: CVE-2014-9756: libsndfile DoS/divide-by-zero</issue>
  <issue id="CVE-2015-8075" tracker="cve" />
  <issue id="CVE-2014-9756" tracker="cve" />
  <issue id="CVE-2015-7805" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>tiwai</packager>
  <description>The libsndfile package was updated to fix three security issues:

- CVE-2015-7805: fix for heap overflow via specially crafted AIFF header
  (bsc#953516)
- CVE-2015-8075: fix for out of bounds read access in function
  psf_strlcpy_crlf (bsc#953519)
- CVE-2014-9756: fix a divide-by-zero issue that can lead to an DoS
  (bsc#953521)
</description>
  <summary>Security update for libsndfile</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places