Updated audiofile packages fix security vulnerabilities
Publication date: 06 May 2017Modification date: 06 May 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-6827 , CVE-2017-6828 , CVE-2017-6829 , CVE-2017-6830 , CVE-2017-6831 , CVE-2017-6832 , CVE-2017-6833 , CVE-2017-6834 , CVE-2017-6835 , CVE-2017-6836 , CVE-2017-6837 , CVE-2017-6838 , CVE-2017-6839
Description
Several vulnerabilities have been discovered in the audiofile library, which may result in denial of service or the execution of arbitrary code if a malformed audio file is processed (CVE-2017-6827, CVE-2017-6828, CVE-2017-6829, CVE-2017-6830, CVE-2017-6831, CVE-2017-6832, CVE-2017-6833, CVE-2017-6834, CVE-2017-6835, CVE-2017-6836, CVE-2017-6837, CVE-2017-6838, CVE-2017-6839).
References
- https://bugs.mageia.org/show_bug.cgi?id=20466
- https://www.debian.org/security/2017/dsa-3814
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839
SRPMS
5/core
- audiofile-0.3.6-4.3.mga5