Skip to content
Commit 242f0192 authored by Salvatore Bonaccorso's avatar Salvatore Bonaccorso Committed by Sebastian Ramacher
Browse files

Import Debian changes 0.3.6-2+deb8u2 

audiofile (0.3.6-2+deb8u2) jessie-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Address several vulnerabilities (Closes: #857651)
    - Always check the number of coefficients (CVE-2017-6827 CVE-2017-6828
      CVE-2017-6832 CVE-2017-6833 CVE-2017-6835 CVE-2017-6837)
    - clamp index values to fix index overflow in IMA.cpp (CVE-2017-6829)
    - Check for multiplication overflow in sfconvert (CVE-2017-6830
      CVE-2017-6834 CVE-2017-6836 CVE-2017-6838)
    - Actually fail when error occurs in parseFormat (CVE-2017-6831)
    - Check for multiplication overflow in MSADPCM decodeSample
      (CVE-2017-6839)
  * Fix signature of multiplyCheckOverflow. It returns a bool, not an int
  * Check for division by zero in BlockCodec::runPull
parent e8eaa91c
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment