Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 566680 - media-libs/libsndfile-1.0.26 version bump
Summary: media-libs/libsndfile-1.0.26 version bump
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Library (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Sound Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: CVE-2014-9756 CVE-2014-9496 CVE-2015-7805
  Show dependency tree
 
Reported: 2015-11-23 23:31 UTC by Sebastian Pipping
Modified: 2015-11-24 14:23 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sebastian Pipping gentoo-dev 2015-11-23 23:31:59 UTC
Fixes several security issues, raising urgency.  Quoting the change log:


--8<--------8<--------8<--------8<--------8<--------8<--
Version 1.0.26 (2015-11-22)
  * Fix for CVE-2014-9496, SD2 buffer read overflow.
  * Fix for CVE-2014-9756, file_io.c divide by zero.
  * Fix for CVE-2015-7805, AIIF heap write overflow.
--8<--------8<--------8<--------8<--------8<--------8<--
Comment 1 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2015-11-23 23:48:53 UTC
commit 9c4b7d38cca7de8c15a17adcd077c4825a6bf077
Author: Lars Wendler <polynomial-c@gentoo.org>
Date:   Tue Nov 24 00:48:14 2015

    media-libs/libsndfile: Security bump to version 1.0.26 (bug #566680).

    Package-Manager: portage-2.2.25
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>