Updated libsndfile package fixes security vulnerabilities: The function d2alaw_array() in alaw.c of libsndfile 1.0.29pre1 may lead to a remote DoS attack (CVE-2017-17456). The function d2ulaw_array() in ulaw.c of libsndfile 1.0.29pre1 may lead to a remote DoS attack (CVE-2017-17457). A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file (CVE-2018-13139).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 6 | noarch | libsndfile | <Â 1.0.28-3.3 | libsndfile-1.0.28-3.3.mga6 |