← Back to branch summary

~ubuntu-branches/ubuntu/hardy/audiofile/hardy-security

~ubuntu-branches/ubuntu/hardy/audiofile/hardy-security

« back to all changes in this revision

Viewing changes to debian/changelog

Committer: Bazaar Package Importer
Author(s): Stefan Lesicnik
Date: 2010-03-02 15:59:08 UTC
Revision ID: james.westby@ubuntu.com-20100302155908-mvme5bn5npoxk11l

Tags: 0.2.6-7ubuntu1.8.04.1

https://launchpad.net/bugs/527033

* SECURITY UPDATE: Heap-based buffer overflow in msadpcm.c in libaudiofile
  in audiofile 0.2.6 allows context-dependent attackers to cause a denial
  of service (application crash) or possibly execute arbitrary code via a
  crafted WAV file.  (LP: #527033)
  - debian/patches/22_CVE-2008-5824.dpatch: Fix buffer overflow when
    decompressing MS ADPCM .wav files.
  - CVE-2008-5824

files added:
debian/patches/22_CVE-2008-5824.dpatch

files modified:
debian/changelog

debian/patches/00list

Show diffs side-by-side

added added

removed removed

debian/changelog

1

audiofile (0.2.6-7ubuntu1.8.04.1) hardy-security; urgency=low

2

3

* SECURITY UPDATE: Heap-based buffer overflow in msadpcm.c in libaudiofile

4

in audiofile 0.2.6 allows context-dependent attackers to cause a denial

5

of service (application crash) or possibly execute arbitrary code via a

6

crafted WAV file. (LP: #527033)

7

- debian/patches/22_CVE-2008-5824.dpatch: Fix buffer overflow when

8

decompressing MS ADPCM .wav files.

9

- CVE-2008-5824

10

11

-- Stefan Lesicnik <stefan@lsd.lsd.co.za> Tue, 02 Mar 2010 15:59:08 +0200

12

1

13

audiofile (0.2.6-7ubuntu1) hardy; urgency=low

2

14

3

15

* debian/rules: Explicitly enable LFS (LP: #173334).

Older »