DSA-1742-1

Name	DSA-1742-1
Source	Debian
Description	libsndfile - arbitrary code execution
References	CVE-2009-0186
Debian/oldstable	not vulnerable
Debian/stable	not vulnerable
Debian/testing	not known to be vulnerable
Debian/unstable	not known to be vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
libsndfile (PTS)	etch	1.0.16-2+etch1	fixed
	etch (security)	1.0.16-2+etch2	fixed
	lenny, lenny (security)	1.0.17-4+lenny2	fixed

The next table lists affected binary packages.

Binary Package	Release	Version	Status	Architecures
libsndfile1, libsndfile1-dev, sndfile-programs	etch	1.0.16-2+etch1	fixed	alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
	etch (security)	1.0.16-2+etch1	fixed	arm
	etch (security)	1.0.16-2+etch2	fixed	alpha, amd64, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
	lenny, lenny (security)	1.0.17-4+lenny2	fixed	alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc

The information above is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
libsndfile	source	etch	1.0.16-2+etch1	unknown
libsndfile	source	lenny	1.0.17-4+lenny1	unknown

Home - Testing Security Team - Debian Security - Imprint