Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 448
Alerts This Week
Warning Icon 1 448

Fedora 26: 2017-67a3755b96 Critical: Libsndfile Buffer Overflow Fix

fedora
Calendar Grey August 26, 2017
Dist Fedora Esm H88
A security patch for Fedora has been released to rectify a significant buffer overflow vulnerability present in libsndfile, bolstering overall system defenses against potential breaches.
fixes heap-based Buffer Overflow in psf_binheader_writef function (#1483140, CVE-2017-12562)

Summary

libsndfile is a C library for reading and writing sound files such as

AIFF, AU, WAV, and others through one standard interface. It can

currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and

64-bit floating point WAV files and a number of compressed formats. It

compiles and runs on *nix, MacOS, and Win32.

fixes heap-based Buffer Overflow in psf_binheader_writef function (#1483140,

CVE-2017-12562)

[ 1 ] Bug #1483140 - CVE-2017-12562 libsndfile: Heap-based Buffer Overflow in psf_binheader_writef function in common.c

https://bugzilla.redhat.com/show_bug.cgi?id=1483140

su -c 'dnf upgrade libsndfile' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 26
Version: 1.0.28
Release: 6.fc26
Summary: Library for reading and writing sound files

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.