| Errata ID | 571 |
|---|---|
| Date | 2019-01-09 |
| Source package | libsndfile |
| Fixed in version | 1.0.25-9.1+deb8u2 |
| Description | This update addresses the following issues:
* Out of bounds read in sf_write_int (CVE-2018-13139, CVE-2018-19432)
* Global buffer overflow in i2les_array (CVE-2017-8365)
* Heap-based buffer overflow in flac_buffer_copy (CVE-2017-8363)
* Invalid memory read in flac_buffer_copy (CVE-2017-8362)
* Global buffer overflow in flac_buffer_copy (CVE-2017-8361)
* Multiple divide-by-zero issues in double64_init and
float32_init (CVE-2017-14634)
* Multiple buffer overflow issues in {d,i}2ulaw_array and
{d,i}2alaw_array (CVE-2017-17456, CVE-2017-17457, CVE-2018-19662,
CVE-2018-19661, CVE-2017-14245 and CVE-2017-14246) |
| Additional notes | |
| CVE ID | CVE-2018-13139 CVE-2018-19432 CVE-2017-8365 CVE-2017-8363 CVE-2017-8362 CVE-2017-8361 CVE-2017-14634 CVE-2017-17456 CVE-2017-17457 CVE-2018-19662 CVE-2018-19661 CVE-2017-14245 CVE-2017-14246 |
| UCS Bug number | #48403 |
