This bug was fixed in the package audiofile - 0.2.6-7ubuntu2.1 --------------- audiofile (0.2.6-7ubuntu2.1) karmic-security; urgency=high
* SECURITY UPDATE: Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file. (LP: #527033) - debian/patches/22_CVE-2008-5824.dpatch: Fix buffer overflow when decompressing MS ADPCM .wav files. - CVE-2008-5824 -- Stefan Lesicnik <ste...@lsd.lsd.co.za> Wed, 24 Feb 2010 19:13:42 +0200 ** Changed in: audiofile (Ubuntu Karmic) Status: Confirmed => Fix Released ** Changed in: audiofile (Ubuntu Jaunty) Status: Confirmed => Fix Released -- CVE-2008-5824 audiofile denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file https://bugs.launchpad.net/bugs/527033 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs