ELSA-2025-23457

Опубликовано: 05 янв. 2026

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2025-23457: audiofile security update (MODERATE)

[1:0.3.6-9.0.1]

Fix null pointer dereference [CVE-2025-50950][Orabug: 38777980]

[1:0.3.6-9]

Apply security patches. CVE-2018-17095, CVE-2018-13440
Resolves: rhbz#1600369, rhbz#1601014, rhbz#1637128

[1:0.3.6-8]

Escape macros in %changelog

[1:0.3.6-7]

Merge upstream pull requests #42,#43,#44 from Agostino Sarubbo to fix security issues. CVE-2017-6827, CVE-2017-6828, CVE-2017-6829, CVE-2017-6830, CVE-2017-6831, CVE-2017-6832, CVE-2017-6833, CVE-2017-6834, CVE-2017-6835, CVE-2017-6836, CVE-2017-6837, CVE-2017-6838, CVE-2017-6839

[1:0.3.6-6]

patch to compile with GCC 6

[1:0.3.6-5]

Merge fix from upstream pull request #25 for CVE-2015-7747. Test conversion from e.g. 16-bit LE stereo to 8-bit LE mono no longer causes corruption.

[1:0.3.6-4]

Mass rebuild 2014-01-24

[1:0.3.6-3]

Mass rebuild 2013-12-27

[0.3.6-1]

audiofile 0.3.6

[0.3.5-1]

audiofile 0.3.5

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

audiofile

0.3.6-9.0.1.el7

audiofile-devel

0.3.6-9.0.1.el7

Связанные CVE

CVE-2025-50950

Ссылки на источники

Связанные уязвимости

CVE-2025-50950

CVSS3: 7.5

ubuntu

4 месяца назад

Audiofile v0.3.7 was discovered to contain a NULL pointer dereference via the ModuleState::setup function.

CVE-2025-50950

CVSS3: 7.5

nvd

4 месяца назад

Audiofile v0.3.7 was discovered to contain a NULL pointer dereference via the ModuleState::setup function.

CVE-2025-50950

CVSS3: 7.5

debian

4 месяца назад

Audiofile v0.3.7 was discovered to contain a NULL pointer dereference ...

GHSA-qxx5-338v-jgwv

CVSS3: 7.5

github

4 месяца назад

Audiofile v0.3.7 was discovered to contain a NULL pointer dereference via the ModuleState::setup function.