Import Debian changes 0.3.6-2+deb8u2
audiofile (0.3.6-2+deb8u2) jessie-security; urgency=high * Non-maintainer upload by the Security Team. * Address several vulnerabilities (Closes: #857651) - Always check the number of coefficients (CVE-2017-6827 CVE-2017-6828 CVE-2017-6832 CVE-2017-6833 CVE-2017-6835 CVE-2017-6837) - clamp index values to fix index overflow in IMA.cpp (CVE-2017-6829) - Check for multiplication overflow in sfconvert (CVE-2017-6830 CVE-2017-6834 CVE-2017-6836 CVE-2017-6838) - Actually fail when error occurs in parseFormat (CVE-2017-6831) - Check for multiplication overflow in MSADPCM decodeSample (CVE-2017-6839) * Fix signature of multiplyCheckOverflow. It returns a bool, not an int * Check for division by zero in BlockCodec::runPull
parent
e8eaa91c
Please register or sign in to comment