[ubuntu/precise-security] audiofile 0.3.3-2ubuntu0.3 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Mar 22 15:47:34 UTC 2017
audiofile (0.3.3-2ubuntu0.3) precise-security; urgency=medium
* SECURITY UPDATE: multiple vulnerabilities (LP: #1674005)
- Apply patches backported from Debian 0.3.6-4:
+ 04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
+ 05_Always-check-the-number-of-coefficients.patch
+ 06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch
+ 07_Check-for-multiplication-overflow-in-sfconvert.patch
+ 08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch
+ 09_Actually-fail-when-error-occurs-in-parseFormat.patch
+ 10_Check-for-division-by-zero-in-BlockCodec-runPull.patch
- CVE-2017-6827, CVE-2017-6828, CVE-2017-6829, CVE-2017-6830,
CVE-2017-6831, CVE-2017-6832, CVE-2017-6833, CVE-2017-6834,
CVE-2017-6835, CVE-2017-6836, CVE-2017-6837, CVE-2017-6838,
CVE-2017-6839
* debian/patches/sfconvert_error_handling.patch: improve sfconvert error
handling so we can test the reproducers.
Date: 2017-03-22 14:49:22.652625+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/audiofile/0.3.3-2ubuntu0.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list