Описание
Security update for libsndfile
This update for libsndfile fixes the following issues:
- CVE-2017-7585,CVE-2017-7741,CVE-2017-7742: Some stack-based buffer overflows via a specially crafted FLAC file were fixed (error in the 'flac_buffer_copy()' function) (bsc#1033054, bsc#1033914, bsc#1033915).
Список пакетов
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
Ссылки
- Link for SUSE-SU-2017:1030-1
- E-Mail link for SUSE-SU-2017:1030-1
- SUSE Security Ratings
- SUSE Bug 1033054
- SUSE Bug 1033914
- SUSE Bug 1033915
- SUSE CVE CVE-2017-7585 page
- SUSE CVE CVE-2017-7741 page
- SUSE CVE CVE-2017-7742 page
Описание
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
Затронутые продукты
Ссылки
- CVE-2017-7585
- SUSE Bug 1033054
- SUSE Bug 1033914
- SUSE Bug 1033915
Описание
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Затронутые продукты
Ссылки
- CVE-2017-7741
- SUSE Bug 1033054
- SUSE Bug 1033915
Описание
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Затронутые продукты
Ссылки
- CVE-2017-7742
- SUSE Bug 1033054
- SUSE Bug 1033914