Nom du paquet
libsndfile
Date
2009-03-05
Advisory ID
MDVSA-2009:067
Affected versions
2009.0 x86_64 , 2008.0 i586 , 2009.0 i586 , 2008.0 x86_64 , 2008.1 x86_64 , 2008.1 i586

Problem description

Crafted data - channels per frame value - in CAF files enables remote
attackers to execute arbitrary code or denial of service via a possible
integer overflow, leading to a possible heap overflow (CVE-2009-0186).

This update provides fix for that vulnerability.

Updated packages

2009.0 x86_64

 fcf87d888a6ea0f07db8e624ba128cca  2009.0/x86_64/lib64sndfile1-1.0.18-2.pre22.1.1mdv2009.0.x86_64.rpm
 80cfcf0f5bff9078bfaebba87ff714a5  2009.0/x86_64/lib64sndfile-devel-1.0.18-2.pre22.1.1mdv2009.0.x86_64.rpm
 0141e8a20584289ffd1178efd87ba335  2009.0/x86_64/lib64sndfile-static-devel-1.0.18-2.pre22.1.1mdv2009.0.x86_64.rpm
 1ce04938d46615cd65b9a1a8831b5bf4  2009.0/x86_64/libsndfile-progs-1.0.18-2.pre22.1.1mdv2009.0.x86_64.rpm 
 ee9f191461d5343b544ec4c9d4666b66  2009.0/SRPMS/libsndfile-1.0.18-2.pre22.1.1mdv2009.0.src.rpm

2008.0 i586

 636fcca6743199107f94bd6382691f56  2008.0/i586/libsndfile1-1.0.18-0.pre11.7.1mdv2008.0.i586.rpm
 c91b66214eb4a4415404e72012b7f13b  2008.0/i586/libsndfile-devel-1.0.18-0.pre11.7.1mdv2008.0.i586.rpm
 8c16b58d2e274cbf867663953a07535f  2008.0/i586/libsndfile-progs-1.0.18-0.pre11.7.1mdv2008.0.i586.rpm
 3cb4bebc4efac11173bb0a11fd033b10  2008.0/i586/libsndfile-static-devel-1.0.18-0.pre11.7.1mdv2008.0.i586.rpm 
 ec9d40e701e741340d3be115b8a0b7bc  2008.0/SRPMS/libsndfile-1.0.18-0.pre11.7.1mdv2008.0.src.rpm

2009.0 i586

 586e9952ee27348e3dd0de6b40d5f1a7  2009.0/i586/libsndfile1-1.0.18-2.pre22.1.1mdv2009.0.i586.rpm
 c2706ace6fb506e83f453bf156094fbd  2009.0/i586/libsndfile-devel-1.0.18-2.pre22.1.1mdv2009.0.i586.rpm
 1afd350af724ed149bb2b6aa727880a3  2009.0/i586/libsndfile-progs-1.0.18-2.pre22.1.1mdv2009.0.i586.rpm
 b01507410bb4405ce087a6ab1be5a120  2009.0/i586/libsndfile-static-devel-1.0.18-2.pre22.1.1mdv2009.0.i586.rpm 
 ee9f191461d5343b544ec4c9d4666b66  2009.0/SRPMS/libsndfile-1.0.18-2.pre22.1.1mdv2009.0.src.rpm

2008.0 x86_64

 0774a521cb9f0e5c228f9468fe2c85f0  2008.0/x86_64/lib64sndfile1-1.0.18-0.pre11.7.1mdv2008.0.x86_64.rpm
 32c2ff134e872aaa280c37a7d1dc1f01  2008.0/x86_64/lib64sndfile-devel-1.0.18-0.pre11.7.1mdv2008.0.x86_64.rpm
 de03d216159ff4c7001f56593c53935e  2008.0/x86_64/lib64sndfile-static-devel-1.0.18-0.pre11.7.1mdv2008.0.x86_64.rpm
 fc70ac7f2a15f046a9fa8b1464f673c2  2008.0/x86_64/libsndfile-progs-1.0.18-0.pre11.7.1mdv2008.0.x86_64.rpm 
 ec9d40e701e741340d3be115b8a0b7bc  2008.0/SRPMS/libsndfile-1.0.18-0.pre11.7.1mdv2008.0.src.rpm

2008.1 x86_64

 c6c3addab06b0fcfe83097ed340d92ba  2008.1/x86_64/lib64sndfile1-1.0.18-1.pre20.1.1mdv2008.1.x86_64.rpm
 7c9fdab0b5b3315a0a395be98c61dedb  2008.1/x86_64/lib64sndfile-devel-1.0.18-1.pre20.1.1mdv2008.1.x86_64.rpm
 0b6155a33e3d716b30d4c01d69581eed  2008.1/x86_64/lib64sndfile-static-devel-1.0.18-1.pre20.1.1mdv2008.1.x86_64.rpm
 529ce9ed36fbfd62a2eba0de9690f156  2008.1/x86_64/libsndfile-progs-1.0.18-1.pre20.1.1mdv2008.1.x86_64.rpm 
 118dac159755622e790e779d3346074d  2008.1/SRPMS/libsndfile-1.0.18-1.pre20.1.1mdv2008.1.src.rpm

2008.1 i586

 22c5d13d816c87fbc5d454e47d801508  2008.1/i586/libsndfile1-1.0.18-1.pre20.1.1mdv2008.1.i586.rpm
 7c8ebc8ac747b3d3d37eab9c75a2e035  2008.1/i586/libsndfile-devel-1.0.18-1.pre20.1.1mdv2008.1.i586.rpm
 a293119cea21293a88f83f8c54fb9dba  2008.1/i586/libsndfile-progs-1.0.18-1.pre20.1.1mdv2008.1.i586.rpm
 0b92ade91efdffde568e6e36eb7c0eca  2008.1/i586/libsndfile-static-devel-1.0.18-1.pre20.1.1mdv2008.1.i586.rpm 
 118dac159755622e790e779d3346074d  2008.1/SRPMS/libsndfile-1.0.18-1.pre20.1.1mdv2008.1.src.rpm

References