Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 566680

Summary: media-libs/libsndfile-1.0.26 version bump
Product: Gentoo Linux Reporter: Sebastian Pipping <sping>
Component: [OLD] LibraryAssignee: Gentoo Sound Team <sound>
Status: RESOLVED FIXED    
Severity: major    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 533700, 533750, 566682    

Description Sebastian Pipping gentoo-dev 2015-11-23 23:31:59 UTC 
Fixes several security issues, raising urgency.  Quoting the change log:


--8<--------8<--------8<--------8<--------8<--------8<--
Version 1.0.26 (2015-11-22)
  * Fix for CVE-2014-9496, SD2 buffer read overflow.
  * Fix for CVE-2014-9756, file_io.c divide by zero.
  * Fix for CVE-2015-7805, AIIF heap write overflow.
--8<--------8<--------8<--------8<--------8<--------8<--
Comment 1 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2015-11-23 23:48:53 UTC 
commit 9c4b7d38cca7de8c15a17adcd077c4825a6bf077
Author: Lars Wendler <polynomial-c@gentoo.org>
Date:   Tue Nov 24 00:48:14 2015

    media-libs/libsndfile: Security bump to version 1.0.26 (bug #566680).

    Package-Manager: portage-2.2.25
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>