This bug was fixed in the package audiofile - 0.3.3-2ubuntu0.3
---------------
audiofile (0.3.3-2ubuntu0.3) precise-security; urgency=medium
* SECURITY UPDATE: multiple vulnerabilities (LP: #1674005)
- Apply patches backported from Debian 0.3.6-4:
+ 04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
+ 05_Always-check-the-number-of-coefficients.patch
+ 06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch
+ 07_Check-for-multiplication-overflow-in-sfconvert.patch
+ 08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch
+ 09_Actually-fail-when-error-occurs-in-parseFormat.patch
+ 10_Check-for-division-by-zero-in-BlockCodec-runPull.patch
- CVE-2017-6827, CVE-2017-6828, CVE-2017-6829, CVE-2017-6830,
CVE-2017-6831, CVE-2017-6832, CVE-2017-6833, CVE-2017-6834,
CVE-2017-6835, CVE-2017-6836, CVE-2017-6837, CVE-2017-6838,
CVE-2017-6839
* debian/patches/sfconvert_error_handling.patch: improve sfconvert error
handling so we can test the reproducers.
-- Marc Deslauriers <marc.deslauri...@ubuntu.com> Wed, 22 Mar 2017
10:39:00 -0400
** Changed in: audiofile (Ubuntu Trusty)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1674005
Title:
audiofile: Multiple security issues from March 2017
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1674005/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
