libsndfile 1.0.28-4ubuntu0.18.04.2 source package in Ubuntu


libsndfile (1.0.28-4ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow in msadpcm_decode_block allows
    arbitrary code execution via crafted WAV file.
    - debian/patches/CVE-2021-3246.patch: upstream patch to src/ms_adpcm.c
      to validate samples per block
    - CVE-2021-3246

 -- Alex Murray <email address hidden>  Wed, 28 Jul 2021 10:22:45 +0930

Upload details

Uploaded by:
Alex Murray
Uploaded to:
Original maintainer:
Ubuntu Developers
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Bionic updates main libs
Bionic security main libs


File Size SHA-256 Checksum
libsndfile_1.0.28.orig.tar.gz 1.1 MiB 1ff33929f042fa333aed1e8923aa628c3ee9e1eb85512686c55092d1e5a9dfa9
libsndfile_1.0.28-4ubuntu0.18.04.2.debian.tar.xz 16.0 KiB db61cf49b7241e76788097e7aaaffce8917e571543f72d6749ae703b664759d7
libsndfile_1.0.28-4ubuntu0.18.04.2.dsc 2.0 KiB e1904a1c9872d3295a35f0bafc836df15710a057643bf0ec8693dd83b1e17492

View changes file

Binary packages built by this source

libsndfile1: Library for reading/writing audio files

 libsndfile is a library of C routines for reading and writing files containing
 sampled audio data.
 Various versions of WAV (integer, floating point, GSM, and compressed formats);
 Microsoft PCM, A-law and u-law formats; AIFF, AIFC and RIFX; various AU/SND
 formats (Sun/NeXT, Dec AU, G721 and G723 ADPCM); RAW header-less PCM files;
 Amiga IFF/8SVX/16SV PCM files; Ensoniq PARIS (.PAF); Apple's Core Audio Format
 (CAF) and others.

libsndfile1-dbgsym: debug symbols for libsndfile1
libsndfile1-dev: Development files for libsndfile; a library for reading/writing audio files

 libsndfile is a library of C routines for reading and writing files containing
 sampled audio data.
 This is the development version of libsndfile. You will need this only if you
 intend to compile programs that use this library.

sndfile-programs: Sample programs that use libsndfile

 This package contains simple programs which use libsndfile for operating on
 sound files.
 Programs include:
   - sndfile-cmp : compare the audio data of two files
   - sndfile-concat : concatenate two or more files
   - sndfile-convert : convert between sound file formats
   - sndfile-info : print information about files
   - sndfile-metadata-get/set : get and set file metadata
   - sndfile-play : play a sound file

sndfile-programs-dbgsym: debug symbols for sndfile-programs