This bug was fixed in the package audiofile - 0.3.3-2ubuntu0.3 --------------- audiofile (0.3.3-2ubuntu0.3) precise-security; urgency=medium
* SECURITY UPDATE: multiple vulnerabilities (LP: #1674005) - Apply patches backported from Debian 0.3.6-4: + 04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch + 05_Always-check-the-number-of-coefficients.patch + 06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch + 07_Check-for-multiplication-overflow-in-sfconvert.patch + 08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch + 09_Actually-fail-when-error-occurs-in-parseFormat.patch + 10_Check-for-division-by-zero-in-BlockCodec-runPull.patch - CVE-2017-6827, CVE-2017-6828, CVE-2017-6829, CVE-2017-6830, CVE-2017-6831, CVE-2017-6832, CVE-2017-6833, CVE-2017-6834, CVE-2017-6835, CVE-2017-6836, CVE-2017-6837, CVE-2017-6838, CVE-2017-6839 * debian/patches/sfconvert_error_handling.patch: improve sfconvert error handling so we can test the reproducers. -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Wed, 22 Mar 2017 10:39:00 -0400 ** Changed in: audiofile (Ubuntu Trusty) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1674005 Title: audiofile: Multiple security issues from March 2017 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1674005/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs