• [SECURITY] [DSA 4947-1] libsndfile security update

    From Moritz Muehlenhoff@21:1/5 to All on Fri Jul 30 23:00:01 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4947-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff
    July 30, 2021 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : libsndfile
    CVE ID : CVE-2021-3246
    Debian Bug : 991496

    Andrea Fioraldi discovered a buffer overflow in libsndfile, a library
    for reading/writing audio files, which could result in denial of service
    or potentially the execution of arbitrary code when processing a
    malformed audio file.

    For the stable distribution (buster), this problem has been fixed in
    version 1.0.28-6+deb10u1.

    We recommend that you upgrade your libsndfile packages.

    For the detailed security status of libsndfile please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/libsndfile

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmEEZysACgkQEMKTtsN8 TjZX1Q//QquSVMv7d3c819QVdePLFZ4VKCDQqBQxqUzH+082nGIRqF9IfO8BmXlN zHu4Zgw+GXAmsAv9onJfJsjQab8eWpNUDooSSBHPcoYpT9ba2xDNFe1y3ADOa24r reZAlxSqwpFykKl7WATxN1t8iHpg0qK6HEf0fv7XNVYnldheEVCDy0Mr9+PSVTww H97u4HL8byajEbqoXiub/w3ST1PBLTyg28gftZ9QJbles1j8vLBoYhttUyBXo1zW ERfs90Gjzam89NpRBkY68HUZo/t+JA2WWPNef8YXxAtGB0VO6lhkiAQmwPgarGF/ AD+eSCUzXGTiAQtHwKfvc4ceQT+E01vUoVJcgLlRUtkRGi/4eK/jS1DipvrP46/k PiNsuwdV9XgMnqUVE0pzUfflpFgzYgaQEROsh883hkOjcyTreOmWxY8hb4p2u7nV pF47qRa3ix+gUa6Jr6Scxm2dwm4X6Y/FNi2/EfB6BQexgdGim2YrRfdwzQ4ZklFM /gPn43IB26P/EQ97oxQPsIV7EPkQOHzSAk7+HlBJdqgsjJYBaxs/JMqhfF6lEx3C kz9tpRPhplddrJgLnlEERbTu+ZJVUo6rOKFQ2V/c8eydTvPDAERwwqNAzgjVmacL 9kvUcf37ogyfeZzF5Z0DRXDBCqmu9KrS+WJS2nY20kLIfvgoJao=
    =/3hL
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)