Accepted libsndfile 1.0.31-2+deb11u2 (source) into oldoldstable-security

Wed, 10 Dec 2025 14:18:47 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 09 Dec 2025 22:14:26 +0100
Source: libsndfile
Architecture: source
Version: 1.0.31-2+deb11u2
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian Multimedia Maintainers <[email protected]>
Changed-By: Bastien Roucariès <[email protected]>
Closes: 1014713
Changes:
 libsndfile (1.0.31-2+deb11u2) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * Fix CVE-2021-4156 (Closes: #1014713)
     An out-of-bounds read flaw was found in libsndfile's
     FLAC codec functionality. An attacker who is able to
     submit a specially crafted file (via tricking a user
     to open or otherwise) to an application linked with
     libsndfile and using the FLAC codec, could trigger
     an out-of-bounds read that would most likely cause
     a crash but could potentially leak memory information
     that could be used in further exploitation of other flaws.
Checksums-Sha1:
 049ae27692fc392cf9318cc073b65cab87f7b2b6 2328 libsndfile_1.0.31-2+deb11u2.dsc
 4ada136ae38b08a7f17160f44ca9f0d85d53da50 662584 libsndfile_1.0.31.orig.tar.gz
 630a8aec22f95033004d05ad5a79c893b1b7d64d 17884 
libsndfile_1.0.31-2+deb11u2.debian.tar.xz
 76f8f821e4232d277745472d8fb29b31f5eb791d 6008 
libsndfile_1.0.31-2+deb11u2_source.buildinfo
Checksums-Sha256:
 5012394d730083c2e48ee8f4118f674e4d9e3326b1d969aa4a14096981f73835 2328 
libsndfile_1.0.31-2+deb11u2.dsc
 8cdee0acb06bb0a3c1a6ca524575643df8b1f3a55a0893b4dd9f829d08263785 662584 
libsndfile_1.0.31.orig.tar.gz
 e8cac1fb3cb461cc1ef9c7f85faf8a865fd81c8c1e574964e28c3ff7f3815f80 17884 
libsndfile_1.0.31-2+deb11u2.debian.tar.xz
 511e72de295ad4651f0021b38ced975f6a6aaeb906aa825aa341b38c61428eb4 6008 
libsndfile_1.0.31-2+deb11u2_source.buildinfo
Files:
 ed492e7a5ef02207485175c58e394bde 2328 devel optional 
libsndfile_1.0.31-2+deb11u2.dsc
 b43ae73daf35b7b2dd0edd973a31e8fb 662584 devel optional 
libsndfile_1.0.31.orig.tar.gz
 65d43d76e3d618471a71dce578724a61 17884 devel optional 
libsndfile_1.0.31-2+deb11u2.debian.tar.xz
 3cd2394dfea1e554318ecd712b242e59 6008 devel optional 
libsndfile_1.0.31-2+deb11u2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmk56AwACgkQADoaLapB
CF/XhA//aGaD1y029FrxgcNpWOBkXGYaCEkP//Yu+gWS5Fa/FeGTmNGThyESD9y6
PcfccyzprFHoEhZZghRkhKJ5JTyXiAF5JleEshnmRuOwx6f1CkqEMvicYELPtZXy
itu5jGuKdwWO2yConkSO5aCx78owaOL9Q/9tnX5Nd0/auDbTiYuQGw5Hkn0sGo7E
IuiyMaBKkgA63fz3lmrvME0HeH2XM4IHpPmmXM0QQzXthfL80SN9oGkAwN63VLKd
CbRKcww3WvOU2lIJ9dO5mtjLNK70iyePkfH+80lzZapabO594YU4ggKC5E8p5sJH
c1QoOfRxEBxcWCGKmh3dR20R41V+kpFZ4S4YXO25WkyuRcPBbmRAYvQlUFeLSQFD
X9p2a6YC2Udq7bXX2c1And5HfwDDAIgoayrTohjQVqDNi/mNqOjbNjSJpjZItzZV
xtt04UVD+0npqsWHNF1w+RkzgF+KXfY8Y+yRkdF+q+XXz8dNx9rx/nzcry8TYYcr
Oc2QVmQBB2vC/6TI2Ym7zzsnh5O/a+TaEEpkdZk/2/7F75F7UEbPtx+HumJHeiDE
wnKszSx8HWswO/lmh0nix7kFdYyi+W9w8ufJ/mosaIPCyhkQI/uzKJ+kJ0d+FfV4
gkPaSpBlWGlas0gAXrvanrBDYLesxIDR3RN9o8n4WwD/dPzRrWg=
=FFhF
-----END PGP SIGNATURE-----

Attachment: pgpClBSL5ZBiB.pgp
Description: PGP signature

Reply via email to