Debian Bug report logs - #528650
libsndfile1: Potential heap overflow in all versions <= 1.0.19


Package: libsndfile1; Maintainer for libsndfile1 is Erik de Castro Lopo <erikd@mega-nerd.com>; Source for libsndfile1 is src:libsndfile.

Reported by: Erik de Castro Lopo <erikd@mega-nerd.com>

Date: Thu, 14 May 2009 11:33:01 UTC

Severity: grave

Tags: patch, security

Fixed in versions libsndfile/1.0.20-1, libsndfile/1.0.17-4+lenny2, libsndfile/1.0.18-2+squeeze1

Done: Raphael Geissert <geissert@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Samuel Mimram <smimram@debian.org>:
Bug#528650; Package libsndfile1. (Thu, 14 May 2009 11:33:04 GMT)

Acknowledgement sent to Erik de Castro Lopo <erikd@mega-nerd.com>:
New Bug report received and forwarded. Copy sent to Samuel Mimram <smimram@debian.org>. (Thu, 14 May 2009 11:33:04 GMT)

Message #5 received at submit@bugs.debian.org:

From: Erik de Castro Lopo <erikd@mega-nerd.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libsndfile1: Potential heap overflow in all versions <= 1.0.19
Date: Thu, 14 May 2009 21:31:20 +1000
Package: libsndfile1
Severity: normal
Tags: patch


Potential heap overflow as described here:

    http://www.mega-nerd.com/erikd/Blog/CodeHacking/libsndfile/rel_20.html

The blog post also links to patches for all versions of libsndfile from
1.0.15 to 1.0.19 inclusive.


-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to POSIX)
Shell: /bin/sh linked to /bin/bash




Information forwarded to debian-bugs-dist@lists.debian.org, Samuel Mimram <smimram@debian.org>:
Bug#528650; Package libsndfile1. (Mon, 18 May 2009 21:12:02 GMT)

Acknowledgement sent to Giuseppe Iuculano <giuseppe@iuculano.it>:
Extra info received and forwarded to list. Copy sent to Samuel Mimram <smimram@debian.org>. (Mon, 18 May 2009 21:12:02 GMT)

Message #10 received at 528650@bugs.debian.org:

From: Giuseppe Iuculano <giuseppe@iuculano.it>
To: 528650@bugs.debian.org
Subject: libsndfile VOC and AIFF Processing Buffer Overflow Vulnerabilities
Date: Mon, 18 May 2009 23:08:46 +0200
severity 528650 grave
tags security
thanks

Hi,

further information:

http://secunia.com/advisories/35076/
http://trapkit.de/advisories/TKADV2009-006.txt

Cheers,
Giuseppe


Severity set to `grave' from `normal' Request was from Giuseppe Iuculano <giuseppe@iuculano.it> to control@bugs.debian.org. (Mon, 18 May 2009 21:12:03 GMT)

Tags added: security Request was from Giuseppe Iuculano <giuseppe@iuculano.it> to control@bugs.debian.org. (Mon, 18 May 2009 21:12:04 GMT)

Reply sent to Samuel Mimram <smimram@debian.org>:
You have taken responsibility. (Tue, 19 May 2009 10:45:08 GMT)

Notification sent to Erik de Castro Lopo <erikd@mega-nerd.com>:
Bug acknowledged by developer. (Tue, 19 May 2009 10:45:09 GMT)

Message #19 received at 528650-close@bugs.debian.org:

From: Samuel Mimram <smimram@debian.org>
To: 528650-close@bugs.debian.org
Subject: Bug#528650: fixed in libsndfile 1.0.20-1
Date: Tue, 19 May 2009 09:48:51 +0000
Source: libsndfile
Source-Version: 1.0.20-1

We believe that the bug you reported is fixed in the latest version of
libsndfile, which is due to be installed in the Debian FTP archive:

libsndfile1-dev_1.0.20-1_i386.deb
  to pool/main/libs/libsndfile/libsndfile1-dev_1.0.20-1_i386.deb
libsndfile1_1.0.20-1_i386.deb
  to pool/main/libs/libsndfile/libsndfile1_1.0.20-1_i386.deb
libsndfile_1.0.20-1.diff.gz
  to pool/main/libs/libsndfile/libsndfile_1.0.20-1.diff.gz
libsndfile_1.0.20-1.dsc
  to pool/main/libs/libsndfile/libsndfile_1.0.20-1.dsc
libsndfile_1.0.20.orig.tar.gz
  to pool/main/libs/libsndfile/libsndfile_1.0.20.orig.tar.gz
sndfile-programs_1.0.20-1_i386.deb
  to pool/main/libs/libsndfile/sndfile-programs_1.0.20-1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 528650@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Samuel Mimram <smimram@debian.org> (supplier of updated libsndfile package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 19 May 2009 09:13:56 +0200
Source: libsndfile
Binary: libsndfile1-dev libsndfile1 sndfile-programs
Architecture: source i386
Version: 1.0.20-1
Distribution: unstable
Urgency: low
Maintainer: Samuel Mimram <smimram@debian.org>
Changed-By: Samuel Mimram <smimram@debian.org>
Description: 
 libsndfile1 - Library for reading/writing audio files
 libsndfile1-dev - Library for reading/writing audio files
 sndfile-programs - Sample programs that use libsndfile
Closes: 528650
Changes: 
 libsndfile (1.0.20-1) unstable; urgency=low
 .
   * New upstream release.
   * Fixes potential heap overflows on VOC and AIFF files, closes: #528650.
Checksums-Sha1: 
 bac2a0716a30945e736bc1bc04b211126cf87b84 1181 libsndfile_1.0.20-1.dsc
 d4f88b919c644f54dd4038c4cf4fb2e7b0d32f7b 927422 libsndfile_1.0.20.orig.tar.gz
 b850e8ab3aacc5ca87ceaf9cfc0235a4a18fe934 6238 libsndfile_1.0.20-1.diff.gz
 f9310e74a7d1be344f16a228bed055f996ab5269 352132 libsndfile1-dev_1.0.20-1_i386.deb
 28855d71899cc72f6bf136c3b257731d93c32c28 227984 libsndfile1_1.0.20-1_i386.deb
 d19fac4aecf7bfd507d6e25634861a2906f98e43 99960 sndfile-programs_1.0.20-1_i386.deb
Checksums-Sha256: 
 ec0919d06b3fd16688fcce053486cfdfc5a7077c9d0c6f57590c955aeae20e78 1181 libsndfile_1.0.20-1.dsc
 7517eb966579f8814b5efe307cb919c5b4e7b5c6729209ba1da95f31e8368dc7 927422 libsndfile_1.0.20.orig.tar.gz
 b4c6df0c8fe6fa1de02a650370d9fe92cd64f75f9635aac15919289ff9271b56 6238 libsndfile_1.0.20-1.diff.gz
 2a348b81f8876bc7cb9e767e40b58c0fe6a85280aecd7f912b52dde19d217050 352132 libsndfile1-dev_1.0.20-1_i386.deb
 4cfc2f5925efd11ba049804514f9d88d9c82820f34c4f6fab4a875a2b96def06 227984 libsndfile1_1.0.20-1_i386.deb
 dd5bb911d1d0bdf4d9da2b5041deb6191d5252406817210f6069c84808865bd6 99960 sndfile-programs_1.0.20-1_i386.deb
Files: 
 0f01782e9950859dfe7f56d6538ed26a 1181 devel optional libsndfile_1.0.20-1.dsc
 e0553e12c7a467af44693e95e2eac668 927422 devel optional libsndfile_1.0.20.orig.tar.gz
 00338bffba9ff8053a378a7e7e853129 6238 devel optional libsndfile_1.0.20-1.diff.gz
 f3bfe665a2832538d4ec2fe0bec50d24 352132 libdevel optional libsndfile1-dev_1.0.20-1_i386.deb
 9ff51cff5f4df3fa0efe577fd366f2c0 227984 libs optional libsndfile1_1.0.20-1_i386.deb
 a024621aff1d99c215ea92c532c85194 99960 utils optional sndfile-programs_1.0.20-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkoSfN4ACgkQIae1O4AJae9P8QCfS4eCXj/H3n84ZOhqjYg7QwRP
2t8Anj2xNtIVT5LYIj2k4Ha5cvYXsXOX
=rAvC
-----END PGP SIGNATURE-----





Reply sent to Nico Golde <nion@debian.org>:
You have taken responsibility. (Sat, 20 Jun 2009 14:09:04 GMT)

Notification sent to Erik de Castro Lopo <erikd@mega-nerd.com>:
Bug acknowledged by developer. (Sat, 20 Jun 2009 14:09:04 GMT)

Message #24 received at 528650-close@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: 528650-close@bugs.debian.org
Subject: Bug#528650: fixed in libsndfile 1.0.17-4+lenny2
Date: Sat, 20 Jun 2009 13:54:11 +0000
Source: libsndfile
Source-Version: 1.0.17-4+lenny2

We believe that the bug you reported is fixed in the latest version of
libsndfile, which is due to be installed in the Debian FTP archive:

libsndfile1-dev_1.0.17-4+lenny2_amd64.deb
  to pool/main/libs/libsndfile/libsndfile1-dev_1.0.17-4+lenny2_amd64.deb
libsndfile1_1.0.17-4+lenny2_amd64.deb
  to pool/main/libs/libsndfile/libsndfile1_1.0.17-4+lenny2_amd64.deb
libsndfile_1.0.17-4+lenny2.diff.gz
  to pool/main/libs/libsndfile/libsndfile_1.0.17-4+lenny2.diff.gz
libsndfile_1.0.17-4+lenny2.dsc
  to pool/main/libs/libsndfile/libsndfile_1.0.17-4+lenny2.dsc
sndfile-programs_1.0.17-4+lenny2_amd64.deb
  to pool/main/libs/libsndfile/sndfile-programs_1.0.17-4+lenny2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 528650@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nico Golde <nion@debian.org> (supplier of updated libsndfile package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 12 Jun 2009 11:49:42 +0000
Source: libsndfile
Binary: libsndfile1-dev libsndfile1 sndfile-programs
Architecture: source amd64
Version: 1.0.17-4+lenny2
Distribution: stable-security
Urgency: high
Maintainer: Samuel Mimram <smimram@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description: 
 libsndfile1 - Library for reading/writing audio files
 libsndfile1-dev - Library for reading/writing audio files
 sndfile-programs - Sample programs that use libsndfile
Closes: 528650
Changes: 
 libsndfile (1.0.17-4+lenny2) stable-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * This update addresses the following security issues:
     - CVE-2009-1788: heap-based buffer overflow in voc_read_header
       leading to arbitrary code execution via crafted VOC headers.
     - CVE-2009-1791: heap-based buffer overflow in aiff_read_header
       leading to arbitrary code execution via crafted AIFF headers.
     (Closes: #528650).
Checksums-Sha1: 
 61b7b9243336d4c7e3734a8571954d6453a6db5c 1134 libsndfile_1.0.17-4+lenny2.dsc
 3c132f2280e27adca3d2050db1f6596ed64073c3 10627 libsndfile_1.0.17-4+lenny2.diff.gz
 b380fe68022d7b9cbe3f41533e8abcdedecbed05 333800 libsndfile1-dev_1.0.17-4+lenny2_amd64.deb
 f5187b5e2e5d89f38fe72edceb90e4baef4e5359 191352 libsndfile1_1.0.17-4+lenny2_amd64.deb
 a53e274545b1d82e32387c4a2e49004901828858 73166 sndfile-programs_1.0.17-4+lenny2_amd64.deb
Checksums-Sha256: 
 f3d79c734db14df77b15b26493db4ccb5e8ced8580b92443d39458758f513665 1134 libsndfile_1.0.17-4+lenny2.dsc
 69e26930a332ad8d281a9d9bd3aa2d905bb417bf782dde46a8e0af5baeda5ff8 10627 libsndfile_1.0.17-4+lenny2.diff.gz
 8b4819a0acd876558fc52f300c3c2d9bfc25d9ffd3d83518aeafa9129b78bd74 333800 libsndfile1-dev_1.0.17-4+lenny2_amd64.deb
 dbe3b505d20dc02a74815d1a407205a41e610880c4fb090fb8aa9cebe1d368af 191352 libsndfile1_1.0.17-4+lenny2_amd64.deb
 0f913ea508267f1803ac67c86307dddc6f510b46bd33dc40250daf115dc863f5 73166 sndfile-programs_1.0.17-4+lenny2_amd64.deb
Files: 
 51d9eb65dd02a51f539d841417d49f1b 1134 devel optional libsndfile_1.0.17-4+lenny2.dsc
 2325910ddaba0afbdd7e317e38970bb8 10627 devel optional libsndfile_1.0.17-4+lenny2.diff.gz
 c082042884f8aa7d54456c7edda82505 333800 libdevel optional libsndfile1-dev_1.0.17-4+lenny2_amd64.deb
 a7fcfefe56bbe623aedf4c1a716fbd7c 191352 libs optional libsndfile1_1.0.17-4+lenny2_amd64.deb
 95ae8a7f7cc414b590492a5ccb8b54bb 73166 utils optional sndfile-programs_1.0.17-4+lenny2_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkoyQ78ACgkQHYflSXNkfP+8ZgCfYEU3Kne6PLRclqi4krgzCKxY
O0IAnjyMs48IJxQhaVCbp57UrE0tMeXO
=IWRP
-----END PGP SIGNATURE-----
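The two issues listed in the changelog above share one shape: a length field read from the file header is used, unvalidated, as the size of a copy into a fixed-size heap buffer. The following C example is added here to illustrate that shape and its fix; it is not libsndfile code, and the block layout (one type byte plus a 24-bit little-endian length), the 64-byte SCRATCH_LEN, the function names and the sample blocks are all assumptions of the example. The unchecked version only returns the length the old pattern would have handed to memcpy, so the example can be run without corrupting memory; the checked parser bounds the copy by both the destination size and the number of bytes actually present in the input.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical fixed-size heap scratch buffer that block contents are copied into. */
#define SCRATCH_LEN 64

enum parse_status {
    PARSE_OK = 0,
    PARSE_SHORT_HEADER = -1,   /* fewer than 4 bytes available for type + length */
    PARSE_TOO_LARGE = -2,      /* declared length exceeds the scratch buffer */
    PARSE_TRUNCATED = -3,      /* declared length runs past the end of the input */
    PARSE_NOMEM = -4
};

/* Assumed block layout (an assumption of this example, not a real container
 * format): byte 0 = block type, bytes 1..3 = payload length, 24-bit little-endian. */
static uint32_t block_len_u24le(const uint8_t *hdr)
{
    return (uint32_t)hdr[1] | ((uint32_t)hdr[2] << 8) | ((uint32_t)hdr[3] << 16);
}

/* The unsafe pattern: the copy length comes straight from the file. The memcpy
 * that the pattern performs is deliberately NOT executed here; only the length
 * that would have been passed to it is returned (up to 16 MiB, against a
 * 64-byte buffer). */
uint32_t unchecked_copy_len(const uint8_t *file, size_t file_len)
{
    if (file_len < 4)
        return 0;
    return block_len_u24le(file);
}

/* The hardened form: the file-supplied length is checked against the
 * destination size and against the bytes actually present before the copy. */
int parse_block_checked(const uint8_t *file, size_t file_len,
                        uint8_t *scratch, size_t scratch_len,
                        uint8_t *type_out, uint32_t *len_out)
{
    uint32_t len;

    if (file_len < 4)
        return PARSE_SHORT_HEADER;
    len = block_len_u24le(file);
    if (len > scratch_len)          /* destination bound */
        return PARSE_TOO_LARGE;
    if (len > file_len - 4)         /* source bound; file_len >= 4 here */
        return PARSE_TRUNCATED;

    memcpy(scratch, file + 4, len);
    *type_out = file[0];
    *len_out = len;
    return PARSE_OK;
}

/* Constructed sample blocks for the example (not real VOC or AIFF data). */
static const uint8_t good_block[]      = { 0x01, 0x05, 0x00, 0x00, 'h', 'e', 'l', 'l', 'o' };
static const uint8_t crafted_block[]   = { 0x01, 0xff, 0xff, 0xff, 'A', 'A', 'A', 'A' }; /* len 0xffffff */
static const uint8_t truncated_block[] = { 0x01, 0x20, 0x00, 0x00, 'A', 'A' };           /* len 32, 2 bytes follow */

/* Parse one block into a freshly allocated heap scratch buffer and report the status;
 * on success the payload is copied to copy_out (if given) before the buffer is freed. */
static int parse_into_heap(const uint8_t *file, size_t file_len,
                           uint8_t *type, uint32_t *len, char *copy_out)
{
    uint8_t *scratch = malloc(SCRATCH_LEN);
    int rc;
    if (scratch == NULL)
        return PARSE_NOMEM;
    rc = parse_block_checked(file, file_len, scratch, SCRATCH_LEN, type, len);
    if (rc == PARSE_OK && copy_out != NULL)
        memcpy(copy_out, scratch, *len);
    free(scratch);
    return rc;
}

/* Named results. demo_good returns 1 when the well-formed block parses as expected. */
int demo_good(void)
{
    uint8_t type = 0;
    uint32_t len = 0;
    char payload[SCRATCH_LEN];
    int rc = parse_into_heap(good_block, sizeof good_block, &type, &len, payload);
    return rc == PARSE_OK && type == 1 && len == 5 && memcmp(payload, "hello", 5) == 0;
}

int demo_crafted(void)
{
    uint8_t type; uint32_t len;
    return parse_into_heap(crafted_block, sizeof crafted_block, &type, &len, NULL);
}

int demo_truncated(void)
{
    uint8_t type; uint32_t len;
    return parse_into_heap(truncated_block, sizeof truncated_block, &type, &len, NULL);
}

uint32_t demo_crafted_unchecked_len(void)
{
    return unchecked_copy_len(crafted_block, sizeof crafted_block);
}

int main(void)
{
    printf("good: %d  crafted: %d (unchecked would copy %u bytes)  truncated: %d\n",
           demo_good(), demo_crafted(), (unsigned)demo_crafted_unchecked_len(), demo_truncated());
    return 0;
}
```

A declared length that fits the buffer but not the remaining input is rejected as PARSE_TRUNCATED rather than read past the end of the file; that is the second check a fuzzer finds missing once the first one is in place, so both are applied before the copy.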





Reply sent to Nico Golde <nion@debian.org>:
You have taken responsibility. (Sat, 27 Jun 2009 16:36:11 GMT)

Notification sent to Erik de Castro Lopo <erikd@mega-nerd.com>:
Bug acknowledged by developer. (Sat, 27 Jun 2009 16:36:11 GMT)

Message #29 received at 528650-close@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: 528650-close@bugs.debian.org
Subject: Bug#528650: fixed in libsndfile 1.0.17-4+lenny2
Date: Sat, 27 Jun 2009 16:04:32 +0000
Source: libsndfile
Source-Version: 1.0.17-4+lenny2

We believe that the bug you reported is fixed in the latest version of
libsndfile, which is due to be installed in the Debian FTP archive:

libsndfile1-dev_1.0.17-4+lenny2_amd64.deb
  to pool/main/libs/libsndfile/libsndfile1-dev_1.0.17-4+lenny2_amd64.deb
libsndfile1_1.0.17-4+lenny2_amd64.deb
  to pool/main/libs/libsndfile/libsndfile1_1.0.17-4+lenny2_amd64.deb
libsndfile_1.0.17-4+lenny2.diff.gz
  to pool/main/libs/libsndfile/libsndfile_1.0.17-4+lenny2.diff.gz
libsndfile_1.0.17-4+lenny2.dsc
  to pool/main/libs/libsndfile/libsndfile_1.0.17-4+lenny2.dsc
sndfile-programs_1.0.17-4+lenny2_amd64.deb
  to pool/main/libs/libsndfile/sndfile-programs_1.0.17-4+lenny2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 528650@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nico Golde <nion@debian.org> (supplier of updated libsndfile package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)




Reply sent to Raphael Geissert <geissert@debian.org>:
You have taken responsibility. (Sun, 13 Sep 2009 19:06:13 GMT)

Notification sent to Erik de Castro Lopo <erikd@mega-nerd.com>:
Bug acknowledged by developer. (Sun, 13 Sep 2009 19:06:13 GMT)

Message #34 received at 528650-close@bugs.debian.org:

From: Raphael Geissert <geissert@debian.org>
To: 528650-close@bugs.debian.org
Subject: Bug#528650: fixed in libsndfile 1.0.18-2+squeeze1
Date: Sun, 13 Sep 2009 18:32:57 +0000
Source: libsndfile
Source-Version: 1.0.18-2+squeeze1

We believe that the bug you reported is fixed in the latest version of
libsndfile, which is due to be installed in the Debian FTP archive:

libsndfile1-dev_1.0.18-2+squeeze1_i386.deb
  to pool/main/libs/libsndfile/libsndfile1-dev_1.0.18-2+squeeze1_i386.deb
libsndfile1_1.0.18-2+squeeze1_i386.deb
  to pool/main/libs/libsndfile/libsndfile1_1.0.18-2+squeeze1_i386.deb
libsndfile_1.0.18-2+squeeze1.diff.gz
  to pool/main/libs/libsndfile/libsndfile_1.0.18-2+squeeze1.diff.gz
libsndfile_1.0.18-2+squeeze1.dsc
  to pool/main/libs/libsndfile/libsndfile_1.0.18-2+squeeze1.dsc
sndfile-programs_1.0.18-2+squeeze1_i386.deb
  to pool/main/libs/libsndfile/sndfile-programs_1.0.18-2+squeeze1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 528650@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Raphael Geissert <geissert@debian.org> (supplier of updated libsndfile package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 11 Sep 2009 21:50:21 -0500
Source: libsndfile
Binary: libsndfile1-dev libsndfile1 sndfile-programs
Architecture: source i386
Version: 1.0.18-2+squeeze1
Distribution: testing-security
Urgency: high
Maintainer: Samuel Mimram <smimram@debian.org>
Changed-By: Raphael Geissert <geissert@debian.org>
Description: 
 libsndfile1 - Library for reading/writing audio files
 libsndfile1-dev - Library for reading/writing audio files
 sndfile-programs - Sample programs that use libsndfile
Closes: 528650
Changes: 
 libsndfile (1.0.18-2+squeeze1) testing-security; urgency=high
 .
   * Non-maintainer upload by the Testing Security Team.
   * Upload to testing due to several issues blocking migration of new release
   * The following issues are fixed:
      - CVE-2009-1788: heap-based buffer overflow in voc_read_header
        leading to arbitrary code execution via crafted VOC headers.
      - CVE-2009-1791: heap-based buffer overflow in aiff_read_header
        leading to arbitrary code execution via crafted AIFF headers.
      (Closes: #528650).
      - CVE-2009-0186: integer overflow leading to a heap-based buffer overflow
        via a crafted CAF file by limiting the number of channels per frame.
Checksums-Sha1: 
 2278339cd19bb4dcad5c27a27de1803c43cb2e24 1220 libsndfile_1.0.18-2+squeeze1.dsc
 d0fb643dc5b1030cf769e06d1260c70320fc877e 923666 libsndfile_1.0.18.orig.tar.gz
 90be2336e0001c85074d068c9e72717564f3b134 10519 libsndfile_1.0.18-2+squeeze1.diff.gz
 73f58df9e2f38fe95909d4d19ef107f8d84bc6b6 340352 libsndfile1-dev_1.0.18-2+squeeze1_i386.deb
 3c6f2831fe5f5b66afa2a95c6e2ca8a60dadd2f5 213524 libsndfile1_1.0.18-2+squeeze1_i386.deb
 1d15863ff01bb577729d6adc692b0ae5768b8dfb 90824 sndfile-programs_1.0.18-2+squeeze1_i386.deb
Checksums-Sha256: 
 9c221254341720591d995a373cfb26663446df5ea5143c26f6024ebedc587f36 1220 libsndfile_1.0.18-2+squeeze1.dsc
 c0821534a8510982d26b3085b148d9091dede53780733515eb49c99a65da293a 923666 libsndfile_1.0.18.orig.tar.gz
 ef79b645082d4a7935b9b461dde214d2ef971dccfd9cf3a3950b27945c086290 10519 libsndfile_1.0.18-2+squeeze1.diff.gz
 f0df48aec7def082c4272773da1d6aeb3b4c7cd62fa55c4b2f3579557f4aba6b 340352 libsndfile1-dev_1.0.18-2+squeeze1_i386.deb
 b674d9d36892d0a9e48fee8e7123e01b522d46b7e4894d8d392c97ac838e0830 213524 libsndfile1_1.0.18-2+squeeze1_i386.deb
 cae6bd9aa2c716549065e7cb6082afd2fdaaf9c02b99a8211c9cd7733d603c3c 90824 sndfile-programs_1.0.18-2+squeeze1_i386.deb
Files: 
 bfcd0eb037b3cd061ee1473d867fe1d7 1220 devel optional libsndfile_1.0.18-2+squeeze1.dsc
 9fde6efb1b75ef38398acf856f252416 923666 devel optional libsndfile_1.0.18.orig.tar.gz
 3ea60755d2a68a97c16feb7e18f31cc6 10519 devel optional libsndfile_1.0.18-2+squeeze1.diff.gz
 17ceb59ccc83d69cfb0f65ea4fd7cabb 340352 libdevel optional libsndfile1-dev_1.0.18-2+squeeze1_i386.deb
 1c7e5608d63ff78d6a048230013e70b7 213524 libs optional libsndfile1_1.0.18-2+squeeze1_i386.deb
 589c79f46d544d49bf85a2d933781ec8 90824 utils optional sndfile-programs_1.0.18-2+squeeze1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqseaYACgkQYy49rUbZzlqFDwCglXHTwjynXI5rGYqVW26Sfz0p
+YgAnjra5YgoWKk77T/2cHAxUk7XsvEv
=9hMo
-----END PGP SIGNATURE-----
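CVE-2009-0186 in the changelog above is a different bug class from the other two: the buffer is sized from a product of header fields, the product wraps, and a too-small heap block is allocated before the decoder writes the full amount into it. The C example below is added here for illustration and is not libsndfile's code; the block_hdr fields, the MAX_CHANNELS cap of 256 and the function names are assumptions of the example. It shows the wrapping computation beside a version that applies the kind of channel cap the changelog describes and checks each multiplication, in the same 32-bit width, before performing it.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical cap on channels per frame, standing in for the limit the fix imposed. */
#define MAX_CHANNELS 256

/* Hypothetical header fields; all three come straight from the file. */
struct block_hdr {
    uint32_t frames;            /* frames in this block */
    uint32_t channels;          /* samples per frame */
    uint32_t bytes_per_sample;
};

/* The unsafe pattern: the allocation size is a plain product of file-controlled
 * 32-bit fields. 0x10000 * 0x10000 * 1 wraps to 0, malloc(0) succeeds, and the
 * decoder then writes 2^32 bytes' worth of samples into it. Returned as a
 * number only; no allocation or write is performed here. */
uint32_t block_bytes_unchecked(const struct block_hdr *h)
{
    return h->frames * h->channels * h->bytes_per_sample;
}

/* The hardened form: bound the channel count and check each multiplication
 * before performing it, in the same 32-bit width the original arithmetic used.
 * Returns 1 and stores the size, or 0 if the header is rejected. */
int block_bytes_checked(const struct block_hdr *h, uint32_t *out)
{
    uint32_t n;
    if (h->channels == 0 || h->channels > MAX_CHANNELS)
        return 0;
    if (h->frames == 0 || h->bytes_per_sample == 0)
        return 0;
    if (h->frames > UINT32_MAX / h->channels)          /* frames * channels would wrap */
        return 0;
    n = h->frames * h->channels;
    if (n > UINT32_MAX / h->bytes_per_sample)           /* * bytes_per_sample would wrap */
        return 0;
    *out = n * h->bytes_per_sample;
    return 1;
}

/* Allocate the decode buffer only for a header that passed the checks. */
uint8_t *alloc_decode_block(const struct block_hdr *h, uint32_t *size_out)
{
    uint32_t n;
    if (!block_bytes_checked(h, &n))
        return NULL;
    *size_out = n;
    return malloc(n);
}

/* Named results so the behaviour can be checked. */
uint32_t demo_unchecked(uint32_t frames, uint32_t channels, uint32_t bps)
{
    struct block_hdr h = { frames, channels, bps };
    return block_bytes_unchecked(&h);
}

/* Returns the checked size, or 0 when the header is rejected. */
uint32_t demo_checked(uint32_t frames, uint32_t channels, uint32_t bps)
{
    struct block_hdr h = { frames, channels, bps };
    uint32_t n = 0;
    return block_bytes_checked(&h, &n) ? n : 0;
}

/* 1 if a buffer was allocated (and freed), 0 if the header was rejected. */
int demo_alloc(uint32_t frames, uint32_t channels, uint32_t bps)
{
    struct block_hdr h = { frames, channels, bps };
    uint32_t n = 0;
    uint8_t *buf = alloc_decode_block(&h, &n);
    if (buf == NULL)
        return 0;
    free(buf);
    return 1;
}

int main(void)
{
    printf("crafted header: unchecked size %u, checked size %u, allocated %d\n",
           (unsigned)demo_unchecked(0x10000u, 0x10000u, 1u),
           (unsigned)demo_checked(0x10000u, 0x10000u, 1u),
           demo_alloc(0x10000u, 0x10000u, 1u));
    printf("sane header: checked size %u\n", (unsigned)demo_checked(1024u, 2u, 2u));
    return 0;
}
```

The cap alone would be enough once the frame count is bounded as well, but checking the multiplications keeps the allocation safe if someone later raises MAX_CHANNELS, and doing the overflow test in the header's own 32-bit width rather than in size_t makes the result identical on 32- and 64-bit builds.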





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 12 Oct 2009 07:36:36 GMT)



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 18 03:40:45 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.