Updated libsndfile packages fix security vulnerability
Publication date: 26 Nov 2015Modification date: 26 Nov 2015
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-7805
Description
Due to a heap overflow in libsndfile, a specially crafted AIFF header can
manage index values in order to use memcpy to overwrite memory the heap
(CVE-2015-7805).
References
- https://bugs.mageia.org/show_bug.cgi?id=17163
- http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/
- https://packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00077.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805
SRPMS
5/core
- libsndfile-1.0.25-9.1.mga5