logo
DATABASE RESOURCES PRICING ABOUT US

Low: libsndfile

Description

**Issue Overview:** An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service. (CVE-2018-19662) **Affected Packages:** libsndfile **Issue Correction:** Run _yum update libsndfile_ to update your system. **New Packages:** aarch64:     libsndfile-1.0.25-12.amzn2.aarch64     libsndfile-devel-1.0.25-12.amzn2.aarch64     libsndfile-utils-1.0.25-12.amzn2.aarch64     libsndfile-debuginfo-1.0.25-12.amzn2.aarch64 i686:     libsndfile-1.0.25-12.amzn2.i686     libsndfile-devel-1.0.25-12.amzn2.i686     libsndfile-utils-1.0.25-12.amzn2.i686     libsndfile-debuginfo-1.0.25-12.amzn2.i686 src:     libsndfile-1.0.25-12.amzn2.src x86_64:     libsndfile-1.0.25-12.amzn2.x86_64     libsndfile-devel-1.0.25-12.amzn2.x86_64     libsndfile-utils-1.0.25-12.amzn2.x86_64     libsndfile-debuginfo-1.0.25-12.amzn2.x86_64 ### Additional References Red Hat: [CVE-2018-19662](<https://access.redhat.com/security/cve/CVE-2018-19662>) Mitre: [CVE-2018-19662](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19662>)


Affected Package


OS OS Version Package Name Package Version
Amazon Linux 2 libsndfile 1.0.25-12.amzn2
Amazon Linux 2 libsndfile-devel 1.0.25-12.amzn2
Amazon Linux 2 libsndfile-utils 1.0.25-12.amzn2
Amazon Linux 2 libsndfile-debuginfo 1.0.25-12.amzn2
Amazon Linux 2 libsndfile 1.0.25-12.amzn2
Amazon Linux 2 libsndfile-devel 1.0.25-12.amzn2
Amazon Linux 2 libsndfile-utils 1.0.25-12.amzn2
Amazon Linux 2 libsndfile-debuginfo 1.0.25-12.amzn2
Amazon Linux 2 libsndfile 1.0.25-12.amzn2
Amazon Linux 2 libsndfile 1.0.25-12.amzn2
Amazon Linux 2 libsndfile-devel 1.0.25-12.amzn2
Amazon Linux 2 libsndfile-utils 1.0.25-12.amzn2
Amazon Linux 2 libsndfile-debuginfo 1.0.25-12.amzn2

Related