This bug was fixed in the package audiofile - 0.3.6-2ubuntu0.16.04.1
---------------
audiofile (0.3.6-2ubuntu0.16.04.1) xenial-security; urgency=high
* SECURITY UPDATE: multiple vulnerabilities (LP: #1674005)
- Apply patches from Debian 0.3.6-4:
+ 04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
+ 05_Always-check-the-number-of-coefficients.patch
+ 06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch
+ 07_Check-for-multiplication-overflow-in-sfconvert.patch
+ 08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch
+ 09_Actually-fail-when-error-occurs-in-parseFormat.patch
+ 10_Check-for-division-by-zero-in-BlockCodec-runPull.patch
- CVE-2017-6827, CVE-2017-6828, CVE-2017-6829, CVE-2017-6830,
CVE-2017-6831, CVE-2017-6832, CVE-2017-6833, CVE-2017-6834,
CVE-2017-6835, CVE-2017-6836, CVE-2017-6837, CVE-2017-6838,
CVE-2017-6839
-- Jeremy Bicha <[email protected]> Thu, 16 Mar 2017 21:43:45 +0100
** Changed in: audiofile (Ubuntu Xenial)
Status: New => Fix Released
** Changed in: audiofile (Ubuntu Precise)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1674005
Title:
audiofile: Multiple security issues from March 2017
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1674005/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
