I ran into a related exploit on the internet and noticed we don't have a bug or an update yet. Please see #566680 for a fix.
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sh sparc x86"
Stable for PPC64.
Stable for HPPA.
Builds fine on x86, redeps build fine as well. Please mark stable for x86.
Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Author: Justin Lecher <firstname.lastname@example.org>
Date: Tue Jan 26 09:51:14 2016 +0100
media-libs/libsndfile: Drop version vulnerable for CVE-2015-7805
Signed-off-by: Justin Lecher <email@example.com>
@sec, clean again.
Arches and Maintainer(s), Thank you for your work.
New GLSA Request filed.
This issue was resolved and addressed in
GLSA 201612-03 at https://security.gentoo.org/glsa/201612-03
by GLSA coordinator Aaron Bauman (b-man).