Summary: | <media-libs/libsndfile-1.0.26: AIFF heap write overflow (CVE-2015-7805) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sebastian Pipping <sping> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | sound |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/erikd/libsndfile/issues/106 | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 566680 | ||
Bug Blocks: |
Description
Sebastian Pipping
2015-11-23 23:42:05 UTC
Arches, please test and mark stable: =media-libs/libsndfile-1.0.26 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sh sparc x86" Stable for PPC64. amd64 stable Stable for HPPA. arm stable ppc stable Builds fine on x86, redeps build fine as well. Please mark stable for x86. x86 stable sparc stable alpha stable ia64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. commit 6f4d6d4e5f9402581ccb90dcba045a509b03a99a Author: Justin Lecher <jlec@gentoo.org> Date: Tue Jan 26 09:51:14 2016 +0100 media-libs/libsndfile: Drop version vulnerable for CVE-2015-7805 Package-Manager: portage-2.2.27 Signed-off-by: Justin Lecher <jlec@gentoo.org> https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6f4d6d4e5f9402581ccb90dcba045a509b03a99a @sec, clean again. Arches and Maintainer(s), Thank you for your work. New GLSA Request filed. This issue was resolved and addressed in GLSA 201612-03 at https://security.gentoo.org/glsa/201612-03 by GLSA coordinator Aaron Bauman (b-man). |