I ran into a related exploit on the internet and noticed we don't have a bug or an update yet. Please see #566680 for a fix.
Arches, please test and mark stable: =media-libs/libsndfile-1.0.26 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sh sparc x86"
Stable for PPC64.
amd64 stable
Stable for HPPA.
arm stable
ppc stable
Builds fine on x86, redeps build fine as well. Please mark stable for x86.
x86 stable
sparc stable
alpha stable
ia64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
commit 6f4d6d4e5f9402581ccb90dcba045a509b03a99a Author: Justin Lecher <jlec@gentoo.org> Date: Tue Jan 26 09:51:14 2016 +0100 media-libs/libsndfile: Drop version vulnerable for CVE-2015-7805 Package-Manager: portage-2.2.27 Signed-off-by: Justin Lecher <jlec@gentoo.org> https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6f4d6d4e5f9402581ccb90dcba045a509b03a99a
@sec, clean again.
Arches and Maintainer(s), Thank you for your work. New GLSA Request filed.
This issue was resolved and addressed in GLSA 201612-03 at https://security.gentoo.org/glsa/201612-03 by GLSA coordinator Aaron Bauman (b-man).