** Description changed: https://security-tracker.debian.org/tracker/source-package/audiofile http://openwall.com/lists/oss-security/2017/02/26/ + https://github.com/mpruett/audiofile/issues/32 + https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcminitializecoefficients-msadpcm-cpp + https://github.com/mpruett/audiofile/commit/c48e4c6503 + Fixed in Debian unstable 0.3.6-4 and synced to zesty. debdiffs attached for 14.04 LTS and up. For 12.04 LTS, audiofile was in main so someone should probably try to apply the patches there too. I've done no testing of these packages.
-- You received this bug notification because you are a member of Desktop Packages, which is subscribed to audiofile in Ubuntu. https://bugs.launchpad.net/bugs/1674005 Title: audiofile: Multiple security issues from March 2017 Status in audiofile package in Ubuntu: New Bug description: https://security-tracker.debian.org/tracker/source-package/audiofile http://openwall.com/lists/oss-security/2017/02/26/ https://github.com/mpruett/audiofile/issues/32 https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcminitializecoefficients-msadpcm-cpp https://github.com/mpruett/audiofile/commit/c48e4c6503 Fixed in Debian unstable 0.3.6-4 and synced to zesty. debdiffs attached for 14.04 LTS and up. For 12.04 LTS, audiofile was in main so someone should probably try to apply the patches there too. I've done no testing of these packages. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1674005/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
