Information on source package libsndfile

Available versions

ReleaseVersion
wheezy1.0.25-5
wheezy (security)1.0.25-9.1+deb7u4
jessie1.0.25-9.1+deb8u1
stretch1.0.27-3
buster1.0.28-4
sid1.0.28-4

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-8365fixedvulnerable (no DSA)fixedfixedfixedThe i2les_array function in pcm.c in libsndfile 1.0.28 allows remote ...
CVE-2017-8363fixedvulnerable (no DSA)fixedfixedfixedThe flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows ...
CVE-2017-8362fixedvulnerable (no DSA)fixedfixedfixedThe flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows ...
CVE-2017-8361fixedvulnerable (no DSA)fixedfixedfixedThe flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows ...
CVE-2017-7742fixedvulnerable (no DSA)fixedfixedfixedIn libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...
CVE-2017-7741fixedvulnerable (no DSA)fixedfixedfixedIn libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...
CVE-2017-7586fixedvulnerable (no DSA)fixedfixedfixedIn libsndfile before 1.0.28, an error in the "header_read()" function ...
CVE-2017-7585fixedvulnerable (no DSA)fixedfixedfixedIn libsndfile before 1.0.28, an error in the "flac_buffer_copy()" ...
CVE-2017-6892fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedIn libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" ...
CVE-2017-14634vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableIn libsndfile 1.0.28, a divide-by-zero error exists in the function ...
CVE-2017-14246vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableAn out of bounds read in the function d2ulaw_array() in ulaw.c of ...
CVE-2017-14245vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableAn out of bounds read in the function d2alaw_array() in alaw.c of ...
CVE-2017-12562fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in the psf_binheader_writef function in ...

Resolved issues

BugDescription
CVE-2015-7805Heap-based buffer overflow in libsndfile 1.0.25 allows remote ...
CVE-2014-9756The psf_fwrite function in file_io.c in libsndfile allows attackers to ...
CVE-2014-9496The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows ...
CVE-2011-2696Integer overflow in libsndfile before 1.0.25 allows remote attackers ...
CVE-2009-4835The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, ...
CVE-2009-1791Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 ...
CVE-2009-1788Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 ...
CVE-2009-0186Integer overflow in libsndfile 1.0.18, as used in Winamp and other ...
CVE-2007-4974Heap-based buffer overflow in the flac_buffer_copy function in ...

Security announcements

DSA / DLADescription
DLA-1049-1libsndfile - security update
DLA-985-1libsndfile - security update
DLA-956-1libsndfile - security update
DLA-928-1libsndfile - security update
DLA-356-1libsndfile - security update
DSA-2288-1libsndfile - integer overflow
DSA-2288-1libsndfile - integer overflow
DSA-1814-1libsndfile - arbitrary code execution
DSA-1814-1libsndfile - arbitrary code execution
DSA-1742-1libsndfile - arbitrary code execution
DSA-1742-1libsndfile - arbitrary code execution
DSA-1442-1libsndfile

Search for package or bug name: Reporting problems