[Bug 1674005] Re: audiofile: Multiple security issues from March 2017

2017-03-22 Thread Marc Deslauriers
** Changed in: audiofile (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1674005 Title: audiofile: Multiple security issues from March 2017 To manage notif

[Bug 1674005] Re: audiofile: Multiple security issues from March 2017

2017-03-22 Thread Launchpad Bug Tracker
This bug was fixed in the package audiofile - 0.3.6-3ubuntu0.1 --- audiofile (0.3.6-3ubuntu0.1) yakkety-security; urgency=high * SECURITY UPDATE: multiple vulnerabilities (LP: #1674005) - Apply patches from Debian 0.3.6-4: + 04_clamp-index-values-to-fix-index-overflow-in-I

[Bug 1674005] Re: audiofile: Multiple security issues from March 2017

2017-03-22 Thread Launchpad Bug Tracker
This bug was fixed in the package audiofile - 0.3.3-2ubuntu0.3 --- audiofile (0.3.3-2ubuntu0.3) precise-security; urgency=medium * SECURITY UPDATE: multiple vulnerabilities (LP: #1674005) - Apply patches backported from Debian 0.3.6-4: + 04_clamp-index-values-to-fix-index-

[Bug 1674005] Re: audiofile: Multiple security issues from March 2017

2017-03-22 Thread Launchpad Bug Tracker
This bug was fixed in the package audiofile - 0.3.6-2ubuntu0.14.04.2 --- audiofile (0.3.6-2ubuntu0.14.04.2) trusty-security; urgency=high * SECURITY UPDATE: multiple vulnerabilities (LP: #1674005) - Apply patches from Debian 0.3.6-4: + 04_clamp-index-values-to-fix-index-ov

[Bug 1674005] Re: audiofile: Multiple security issues from March 2017

2017-03-22 Thread Launchpad Bug Tracker
This bug was fixed in the package audiofile - 0.3.6-2ubuntu0.16.04.1 --- audiofile (0.3.6-2ubuntu0.16.04.1) xenial-security; urgency=high * SECURITY UPDATE: multiple vulnerabilities (LP: #1674005) - Apply patches from Debian 0.3.6-4: + 04_clamp-index-values-to-fix-index-ov

[Bug 1674005] Re: audiofile: Multiple security issues from March 2017

2017-03-21 Thread Mathew Hodson
** Changed in: audiofile (Ubuntu) Importance: Undecided => Medium ** Changed in: audiofile (Ubuntu Precise) Importance: Undecided => Medium ** Changed in: audiofile (Ubuntu Trusty) Importance: Undecided => Medium ** Changed in: audiofile (Ubuntu Xenial) Importance: Undecided => Mediu

[Bug 1674005] Re: audiofile: Multiple security issues from March 2017

2017-03-21 Thread Marc Deslauriers
ACK on the debdiffs in comments 1, 2 and 3. I'm building them now with a slight change to add a missing CVE. I'll publish them once I've finished backporting to precise and have tested precise and trusty. Thanks! ** Also affects: audiofile (Ubuntu Trusty) Importance: Undecided Status:

[Bug 1674005] Re: audiofile: Multiple security issues from March 2017

2017-03-18 Thread Jeremy Bicha
** Also affects: audiofile (Ubuntu Yakkety) Importance: Undecided Status: New ** Also affects: audiofile (Ubuntu Xenial) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bug

[Bug 1674005] Re: audiofile: Multiple security issues from March 2017

2017-03-18 Thread Jeremy Bicha
** Description changed: https://security-tracker.debian.org/tracker/source-package/audiofile http://openwall.com/lists/oss-security/2017/02/26/ + https://github.com/mpruett/audiofile/issues/32 + https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcminitializec

[Bug 1674005] Re: audiofile: Multiple security issues from March 2017

2017-03-18 Thread Jeremy Bicha
** Patch added: "audiofile-mar2017-security-trusty.debdiff" https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1674005/+attachment/4840083/+files/audiofile-mar2017-security-trusty.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed

[Bug 1674005] Re: audiofile: Multiple security issues from March 2017

2017-03-18 Thread Jeremy Bicha
** Patch added: "audiofile-mar2017-security-xenial.debdiff" https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1674005/+attachment/4840082/+files/audiofile-mar2017-security-xenial.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed

[Bug 1674005] Re: audiofile: Multiple security issues from March 2017

2017-03-18 Thread Jeremy Bicha
** Description changed: https://security-tracker.debian.org/tracker/source-package/audiofile http://openwall.com/lists/oss-security/2017/02/26/ - Fixed in Debian unstable and synced to zesty + Fixed in Debian unstable 0.3.6-4 and synced to zesty. + + debdiffs attached for 14.04 LTS and up.

[Bug 1674005] Re: audiofile: Multiple security issues from March 2017

2017-03-18 Thread Jeremy Bicha
** Tags removed: 2015-7747 ** Tags added: trusty xenial yakkety -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1674005 Title: audiofile: Multiple security issues from March 2017 To manage notificati