Information on source package audiofile

Available versions

ReleaseVersion
wheezy0.3.4-2
wheezy (security)0.3.4-2+deb7u1
jessie (security)0.3.6-2+deb8u2
stretch0.3.6-4
buster0.3.6-4
sid0.3.6-4

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2015-7747vulnerable (no DSA)fixedfixedfixedfixedWhen changing both sample format and number of channels, data gets corrupted; if new sample format smaller than old, possible buffer overflow

Resolved issues

BugDescription
CVE-2017-6839Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka ...
CVE-2017-6838Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka ...
CVE-2017-6837WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote ...
CVE-2017-6836Heap-based buffer overflow in the Expand3To4Module::run function in ...
CVE-2017-6835The reset1 function in libaudiofile/modules/BlockCodec.cpp in Audio ...
CVE-2017-6834Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp ...
CVE-2017-6833The runPull function in libaudiofile/modules/BlockCodec.cpp in Audio ...
CVE-2017-6832Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio ...
CVE-2017-6831Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp ...
CVE-2017-6830Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp ...
CVE-2017-6829The decodeSample function in IMA.cpp in Audio File Library (aka ...
CVE-2017-6828Heap-based buffer overflow in the readValue function in FileHandle.cpp ...
CVE-2017-6827Heap-based buffer overflow in the MSADPCM::initializeCoefficients ...
CVE-2008-5824Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile ...

Security announcements

DSA / DLADescription
DLA-867-1audiofile - security update
DSA-3814-1audiofile - security update
DSA-1972-1audiofile - buffer overflow
DSA-1972-1audiofile - buffer overflow

Search for package or bug name: Reporting problems