Package: libsndfile1
Version: 1.0.20-1
Severity: normal
Tags: security
Hi,
I have discovered six different SIGFPE crashes with crafted input
files in libsndfile. Triggering input files are attached.
The crashes are:
1) in htk.c:198 (htk_read_header), divisor sample_period can be 0.
2) in
Sami Liedes wrote:
I have discovered six different SIGFPE crashes with crafted input
files in libsndfile. Triggering input files are attached.
Seems the debian bug tracker filtered them out. Can you please send
them directly to me?
I don't know what the security impact is, but since I
On Thu, May 28, 2009 at 05:53:03PM +1000, Erik de Castro Lopo wrote:
Sami Liedes wrote:
I have discovered six different SIGFPE crashes with crafted input
files in libsndfile. Triggering input files are attached.
Seems the debian bug tracker filtered them out. Can you please send
them
Hi,
* Erik de Castro Lopo er...@mega-nerd.com [2009-05-28 11:52]:
Sami Liedes wrote:
[...]
I don't know what the security impact is, but since I assume
libsndfile is used by lots of applications for data obtained from
untrusted sources, I thought I'd tag this security. In any case it
Attached is a patch which fixes all these problems.
Cheers,
Erik
PS : I am the upstream author and this is the patch I applied to my
development version.
--
--
Erik de Castro Lopo
http://www.mega-nerd.com/
=== modified
5 matches
Mail list logo