This bug was fixed in the package audiofile - 0.3.3-2ubuntu0.3
--------------- audiofile (0.3.3-2ubuntu0.3) precise-security; urgency=medium
* SECURITY UPDATE: multiple vulnerabilities (LP: #1674005) - Apply patches backported from Debian 0.3.6-4: + 04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch + 05_Always-check-the-number-of-coefficients.patch + 06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch + 07_Check-for-multiplication-overflow-in-sfconvert.patch + 08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch + 09_Actually-fail-when-error-occurs-in-parseFormat.patch + 10_Check-for-division-by-zero-in-BlockCodec-runPull.patch - CVE-2017-6827, CVE-2017-6828, CVE-2017-6829, CVE-2017-6830, CVE-2017-6831, CVE-2017-6832, CVE-2017-6833, CVE-2017-6834, CVE-2017-6835, CVE-2017-6836, CVE-2017-6837, CVE-2017-6838, CVE-2017-6839 * debian/patches/sfconvert_error_handling.patch: improve sfconvert error handling so we can test the reproducers.
-- Marc Deslauriers <email address hidden> Wed, 22 Mar 2017 10:39:00 -0400
This bug was fixed in the package audiofile - 0.3.3-2ubuntu0.3
---------------
audiofile (0.3.3-2ubuntu0.3) precise-security; urgency=medium
* SECURITY UPDATE: multiple vulnerabilities (LP: #1674005) index-values- to-fix- index-overflow- in-IMA. cpp.patch check-the- number- of-coefficients .patch for-multiplicat ion-overflow- in-MSADPCM- decodeSam. patch for-multiplicat ion-overflow- in-sfconvert. patch signature- of-multiplyChec kOverflow. -It-returns- a-b.patch fail-when- error-occurs- in-parseFormat. patch for-division- by-zero- in-BlockCodec- runPull. patch 2017-6831, CVE-2017-6832, CVE-2017-6833, CVE-2017-6834, 2017-6835, CVE-2017-6836, CVE-2017-6837, CVE-2017-6838, patches/ sfconvert_ error_handling. patch: improve sfconvert error
- Apply patches backported from Debian 0.3.6-4:
+ 04_clamp-
+ 05_Always-
+ 06_Check-
+ 07_Check-
+ 08_Fix-
+ 09_Actually-
+ 10_Check-
- CVE-2017-6827, CVE-2017-6828, CVE-2017-6829, CVE-2017-6830,
CVE-
CVE-
CVE-2017-6839
* debian/
handling so we can test the reproducers.
-- Marc Deslauriers <email address hidden> Wed, 22 Mar 2017 10:39:00 -0400