Univention Bugzilla – Bug 49071
libsndfile: Multiple issues (4.2)
Last modified: 2019-03-27 16:44:49 CET
New Debian libsndfile 1.0.25-9.1+deb8u4 fixes: This update addresses the following issues: * incomplete fix for CVE-2018-19758 still allow to read beyond buffer limits (CVE-2019-3832)
--- mirror/ftp/4.2/unmaintained/component/4.2-5-errata/source/libsndfile_1.0.25-9.1+deb8u3.dsc +++ apt/ucs_4.2-0-errata4.2-5/source/libsndfile_1.0.25-9.1+deb8u4.dsc @@ -1,3 +1,9 @@ +1.0.25-9.1+deb8u4 [Wed, 13 Mar 2019 13:04:43 +0100] Emilio Pozuelo Monfort <pochu@debian.org>: + + * Non-maintainer upload by the LTS Team. + * CVE-2019-3832: heap read overflow in wav_write_header due to incomplete + fix for CVE-2018-19758. + 1.0.25-9.1+deb8u3 [Thu, 10 Jan 2019 15:02:51 +0100] Hugo Lefeuvre <hle@debian.org>: * Non-maintainer upload by the LTS Team. <http://10.200.17.11/4.2-5/#5270929799672112014>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.2-5] 0dd9fbab17 Bug #49071: libsndfile 1.0.25-9.1+deb8u4 doc/errata/staging/libsndfile.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+)
<http://errata.software-univention.de/ucs/4.2/621.html>