Advisories ยป MGASA-2020-0197

Updated libsndfile packages fix security vulnerabilities

Publication date: 05 May 2020
Modification date: 05 May 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2018-19661 , CVE-2018-19662

Description

Updated libsndfile packages fix security vulnerabilities:

An issue was discovered in libsndfile 1.0.28. There is a buffer over-read
in the function i2ulaw_array in ulaw.c that will lead to a denial of
service (CVE-2018-19661).

An issue was discovered in libsndfile 1.0.28. There is a buffer over-read
in the function i2alaw_array in alaw.c that will lead to a denial of
service (CVE-2018-19662).
                

References

SRPMS

7/core