-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : libsndfile Version : 1.0.25-9.1+deb7u4 CVE ID : CVE-2017-12562 Debian Bug : #869166
It was discovered that there was a heap buffer overflow attack in libsndfile, a library for reading/writing audio files. An attacker could cause a remote denial of service attack by tricking the function into outputting a large amount of data. For Debian 7 "Wheezy", this issue has been fixed in libsndfile version 1.0.25-9.1+deb7u4. We recommend that you upgrade your libsndfile packages. Regards, - -- ,''`. : :' : Chris Lamb, Debian Project Leader `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlmIXQYACgkQHpU+J9Qx HljHoA/9GbDPSfYQdHt4ely6z6CwEwpM0giq+ixPecIlQxq9qVsPxBkbz2DEmEIT K4ZqR5zCG8G8Scx+G4XBOv4pYe2rTDMV1OlVORSMd3Cg2QOpHXJU8xD3YB9cyLzq TDJH3KdlBbdIxA8aWjZcsZ3ok+DF5WqOa57LXehNpXg0fg/aPqqG2YyzCqsPB10L V6tsfAaIJZx9frKc5y0S6GvGZCVJVpl6ml8i/SyT5oS8HOVap8qVkHw2CgUZZCwq Q2+fNsbPC1Lq2nsytG4qAsfcQmc/3jv3XeojVIyYOstMvmxcm1fB+Xu2SkF3JUIt 0XPi50Ach6gL2SGaRjm2KtY9rfoJqqzSkrHm8EYM3Upclg5AK0gnaLKLL7XmAQb+ jMmKOmVgY2/OPsJMMLyMKXdnAdiQfDRmQTF/WEZHPo8kKKDcVuYbHvI1nPZxRROd JXQAsqLpoGjvvD0Po2z8O/1efTzWLEnSHOeNaTZtipqG/0EyPBb/6w0LNOyffj9x SbhOIahM8TT2mZTvDGwMP+VMrH4GYBDyNw9Yee5OqvOn7vO7estoSKEBZQrgAtBR WE3O68arn+hMPEEKHPV/GR/KjJR0Ep8P86EsqC/VjGkBb5RAENxttjhPsWrNYo+g GNASXgNjHPRiRYE/w9kuDdeHUwPf5mt9TWv16JIUemEOuassSR0= =bAx9 -----END PGP SIGNATURE-----