CVE-2007-4974

Name	CVE-2007-4974
Description	Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-1442-1
Debian Bugs	443386, 445889

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
ardour (PTS)	buster	1:5.12.0-3	fixed
	bullseye	1:6.5.0+ds0-1	fixed
	bookworm	1:7.3.0+ds0-1	fixed
	sid, trixie	1:8.6.0+ds-1	fixed
libsndfile (PTS)	buster	1.0.28-6+deb10u1	fixed
	buster (security)	1.0.28-6+deb10u2	fixed
	bullseye	1.0.31-2	fixed
	bookworm	1.2.0-1	fixed
	sid, trixie	1.2.2-1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
ardour	source	sarge	(not affected)
ardour	source	etch	(not affected)
ardour	source	(unstable)	1:2.1-1.1	medium		445889
libsndfile	source	sarge	(not affected)
libsndfile	source	etch	1.0.16-2		DSA-1442-1
libsndfile	source	(unstable)	1.0.17-4	medium		443386

Notes

[sarge] - libsndfile <not-affected> (Vulnerable code not present)
[sarge] - ardour <not-affected> (Vulnerable code not present)
[etch] - ardour <not-affected> (Vulnerable code not present)