An issue was discovered in libsndfile 1.0.28. There is an out-of-bounds read at function sf_write_int, which will lead to a denial of service or the others.
@maintainer(s): reported as fixed by
Gentoo Security Padawan
Potential Patches (as per RedHat Bug)
But appears to need this one, too (fix for CVE-2018-13139):
Also Debian has this fixed: 1.0.25-9.1+deb8u2
Maintainer(s) please advise.
This issue was resolved and addressed in
GLSA 202007-65 at https://security.gentoo.org/glsa/202007-65
by GLSA coordinator Sam James (sam_c).