Information on source package libsndfile

Available versions

ReleaseVersion
wheezy1.0.25-5
jessie1.0.25-9.1+deb8u1
stretch1.0.27-2
sid1.0.27-2

Open issues

BugwheezyjessiestretchsidDescription
CVE-2017-7742vulnerablevulnerable (no DSA)vulnerablevulnerableIn libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...
CVE-2017-7741vulnerablevulnerable (no DSA)fixedfixedIn libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...
CVE-2017-7586vulnerablevulnerable (no DSA)fixedfixedIn libsndfile before 1.0.28, an error in the "header_read()" function ...
CVE-2017-7585vulnerablevulnerable (no DSA)fixedfixedIn libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...
CVE-2015-7805vulnerable (no DSA)fixedfixedfixedHeap-based buffer overflow in libsndfile 1.0.25 allows remote ...
CVE-2014-9756vulnerable (no DSA)fixedfixedfixedThe psf_fwrite function in file_io.c in libsndfile allows attackers to ...
CVE-2014-9496vulnerable (no DSA)fixedfixedfixedThe sd2_parse_rsrc_fork function in sd2.c in libsndfile allows ...

Resolved issues

BugDescription
CVE-2011-2696Integer overflow in libsndfile before 1.0.25 allows remote attackers ...
CVE-2009-4835The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, ...
CVE-2009-1791Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 ...
CVE-2009-1788Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 ...
CVE-2009-0186Integer overflow in libsndfile 1.0.18, as used in Winamp and other ...
CVE-2007-4974Heap-based buffer overflow in the flac_buffer_copy function in ...

Security announcements

DSA / DLADescription
DLA-356-1libsndfile - security update
DSA-2288-1libsndfile - integer overflow
DSA-2288-1libsndfile - integer overflow
DSA-1814-1libsndfile - arbitrary code execution
DSA-1814-1libsndfile - arbitrary code execution
DSA-1742-1libsndfile - arbitrary code execution
DSA-1742-1libsndfile - arbitrary code execution
DSA-1442-1libsndfile

Search for package or bug name: Reporting problems