* SECURITY UPDATE: Heap-based buffer overflow in msadpcm.c in libaudiofile
in audiofile 0.2.6 allows context-dependent attackers to cause a denial
of service (application crash) or possibly execute arbitrary code via a
crafted WAV file. (LP: #527033)
- debian/patches/22_CVE-2008-5824.dpatch: Fix buffer overflow when
decompressing MS ADPCM .wav files.
- CVE-2008-5824
-- Stefan Lesicnik <email address hidden> Wed, 24 Feb 2010 19:13:42 +0200
This bug was fixed in the package audiofile - 0.2.6-7ubuntu2.1
---------------
audiofile (0.2.6-7ubuntu2.1) karmic-security; urgency=high
* SECURITY UPDATE: Heap-based buffer overflow in msadpcm.c in libaudiofile patches/ 22_CVE- 2008-5824. dpatch: Fix buffer overflow when
in audiofile 0.2.6 allows context-dependent attackers to cause a denial
of service (application crash) or possibly execute arbitrary code via a
crafted WAV file. (LP: #527033)
- debian/
decompressing MS ADPCM .wav files.
- CVE-2008-5824
-- Stefan Lesicnik <email address hidden> Wed, 24 Feb 2010 19:13:42 +0200