** Changed in: audiofile (Ubuntu)
   Importance: Undecided => Medium

** Changed in: audiofile (Ubuntu Precise)
   Importance: Undecided => Medium

** Changed in: audiofile (Ubuntu Trusty)
   Importance: Undecided => Medium

** Changed in: audiofile (Ubuntu Xenial)
   Importance: Undecided => Medium

** Changed in: audiofile (Ubuntu Yakkety)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to audiofile in Ubuntu.
https://bugs.launchpad.net/bugs/1674005

Title:
  audiofile: Multiple security issues from March 2017

Status in audiofile package in Ubuntu:
  New
Status in audiofile source package in Precise:
  New
Status in audiofile source package in Trusty:
  New
Status in audiofile source package in Xenial:
  New
Status in audiofile source package in Yakkety:
  New

Bug description:
  https://security-tracker.debian.org/tracker/source-package/audiofile
  http://openwall.com/lists/oss-security/2017/02/26/
  https://github.com/mpruett/audiofile/issues/32
  
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcminitializecoefficients-msadpcm-cpp
  https://github.com/mpruett/audiofile/commit/c48e4c6503

  
  Fixed in Debian unstable 0.3.6-4 and synced to zesty.

  debdiffs attached for 14.04 LTS and up. For 12.04 LTS, audiofile was
  in main so someone should probably try to apply the patches there too.

  I've done no testing of these packages.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1674005/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to