Information on source package libsndfile

Available versions

ReleaseVersion
jessie1.0.25-9.1+deb8u1
jessie (security)1.0.25-9.1+deb8u4
stretch1.0.27-3
buster1.0.28-6
bullseye1.0.28-6
sid1.0.28-6

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2018-19758fixedvulnerable (no DSA)fixedfixedfixedThere is a heap-based buffer over-read at wav.c in wav_write_header in ...
CVE-2018-19662fixedvulnerable (no DSA)fixedfixedfixedAn issue was discovered in libsndfile 1.0.28. There is a buffer over-r ...
CVE-2018-19661fixedvulnerable (no DSA)fixedfixedfixedAn issue was discovered in libsndfile 1.0.28. There is a buffer over-r ...
CVE-2017-7742vulnerable (no DSA)fixedfixedfixedfixedIn libsndfile before 1.0.28, an error in the "flac_buffer_copy()" func ...
CVE-2017-7741vulnerable (no DSA)fixedfixedfixedfixedIn libsndfile before 1.0.28, an error in the "flac_buffer_copy()" func ...
CVE-2017-7586vulnerable (no DSA)fixedfixedfixedfixedIn libsndfile before 1.0.28, an error in the "header_read()" function ...
CVE-2017-7585vulnerable (no DSA)fixedfixedfixedfixedIn libsndfile before 1.0.28, an error in the "flac_buffer_copy()" func ...
CVE-2017-6892vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedIn libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" fu ...
CVE-2017-16942vulnerable (no DSA)fixedfixedfixedfixedIn libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists ...
CVE-2017-14634fixedvulnerable (no DSA)fixedfixedfixedIn libsndfile 1.0.28, a divide-by-zero error exists in the function do ...
CVE-2017-14246fixedvulnerable (no DSA)fixedfixedfixedAn out of bounds read in the function d2ulaw_array() in ulaw.c of libs ...
CVE-2017-14245fixedvulnerable (no DSA)fixedfixedfixedAn out of bounds read in the function d2alaw_array() in alaw.c of libs ...
CVE-2017-12562vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedHeap-based Buffer Overflow in the psf_binheader_writef function in com ...

Open unimportant issues

BugjessiestretchbusterbullseyesidDescription
CVE-2018-19432fixedvulnerablevulnerablevulnerablevulnerableAn issue was discovered in libsndfile 1.0.28. There is a NULL pointer ...
CVE-2018-13139fixedvulnerablevulnerablevulnerablevulnerableA stack-based buffer overflow in psf_memset in common.c in libsndfile ...

Resolved issues

BugDescription
CVE-2019-3832It was discovered the fix for CVE-2018-19758 (libsndfile) was not comp ...
CVE-2017-8365The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote a ...
CVE-2017-8363The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows re ...
CVE-2017-8362The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows re ...
CVE-2017-8361The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows re ...
CVE-2015-7805Heap-based buffer overflow in libsndfile 1.0.25 allows remote attacker ...
CVE-2014-9756The psf_fwrite function in file_io.c in libsndfile allows attackers to ...
CVE-2014-9496The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attacke ...
CVE-2011-2696Integer overflow in libsndfile before 1.0.25 allows remote attackers t ...
CVE-2009-4835The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, ( ...
CVE-2009-1791Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 th ...
CVE-2009-1788Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 thr ...
CVE-2009-0186Integer overflow in libsndfile 1.0.18, as used in Winamp and other pro ...
CVE-2007-4974Heap-based buffer overflow in the flac_buffer_copy function in libsndf ...

Security announcements

DSA / DLADescription
DLA-1712-1libsndfile - security update
DLA-1632-1libsndfile - security update
DLA-1618-1libsndfile - security update
DLA-1049-1libsndfile - security update
DLA-985-1libsndfile - security update
DLA-956-1libsndfile - security update
DLA-928-1libsndfile - security update
DLA-356-1libsndfile - security update
DSA-2288-1libsndfile - integer overflow
DSA-2288-1libsndfile - integer overflow
DSA-1814-1libsndfile - arbitrary code execution
DSA-1814-1libsndfile - arbitrary code execution
DSA-1742-1libsndfile - arbitrary code execution
DSA-1742-1libsndfile - arbitrary code execution
DSA-1442-1libsndfile

Search for package or bug name: Reporting problems