Advisories » MGASA-2017-0338

Updated libsndfile packages fix security vulnerability

Publication date: 14 Sep 2017
Modification date: 14 Sep 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-12562

Description

It was discovered that a Heap-based Buffer Overflow in the
psf_binheader_writef function in common.c in libsndfile through 1.0.28
allows remote attackers to cause a denial of service (application crash)
or possibly have unspecified other impact.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=21618
• https://bugzilla.redhat.com/show_bug.cgi?id=1483140
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12562

SRPMS

6/core

• libsndfile-1.0.28-3.1.mga6

5/core

• libsndfile-1.0.25-9.4.mga5