Information on source package libsndfile

Available versions

ReleaseVersion
jessie1.0.25-9.1+deb8u7
stretch1.0.27-3+deb9u3
buster1.0.28-6+deb10u2
bullseye1.0.31-2
bookworm1.2.0-1
trixie1.2.2-1
sid1.2.2-1

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2024-50613vulnerablevulnerablevulnerablevulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablevulnerablelibsndfile through 1.2.2 has a reachable assertion, that may lead to a ...
CVE-2024-50612vulnerablevulnerablevulnerablevulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablevulnerablelibsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out ...
CVE-2022-33065vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableMultiple signed integers overflow in function au_read_header in src/au ...
CVE-2022-33064vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerableAn off-by-one error in function wav_read_header in src/wav.c in Libsnd ...
CVE-2021-4156fixedfixedfixedvulnerable (no DSA)fixedfixedfixedAn out-of-bounds read flaw was found in libsndfile's FLAC codec functi ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2018-19432fixedvulnerablefixedfixedfixedfixedfixedAn issue was discovered in libsndfile 1.0.28. There is a NULL pointer ...
CVE-2018-13139fixedvulnerablefixedfixedfixedfixedfixedA stack-based buffer overflow in psf_memset in common.c in libsndfile ...

Resolved issues

BugDescription
CVE-2021-3246A heap buffer overflow vulnerability in msadpcm_decode_block of libsnd ...
CVE-2019-3832It was discovered the fix for CVE-2018-19758 (libsndfile) was not comp ...
CVE-2018-19758There is a heap-based buffer over-read at wav.c in wav_write_header in ...
CVE-2018-19662An issue was discovered in libsndfile 1.0.28. There is a buffer over-r ...
CVE-2018-19661An issue was discovered in libsndfile 1.0.28. There is a buffer over-r ...
CVE-2017-16942In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists ...
CVE-2017-14634In libsndfile 1.0.28, a divide-by-zero error exists in the function do ...
CVE-2017-14246An out of bounds read in the function d2ulaw_array() in ulaw.c of libs ...
CVE-2017-14245An out of bounds read in the function d2alaw_array() in alaw.c of libs ...
CVE-2017-12562Heap-based Buffer Overflow in the psf_binheader_writef function in com ...
CVE-2017-8365The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote a ...
CVE-2017-8363The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows re ...
CVE-2017-8362The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows re ...
CVE-2017-8361The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows re ...
CVE-2017-7742In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" func ...
CVE-2017-7741In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" func ...
CVE-2017-7586In libsndfile before 1.0.28, an error in the "header_read()" function ...
CVE-2017-7585In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" func ...
CVE-2017-6892In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" fu ...
CVE-2015-7805Heap-based buffer overflow in libsndfile 1.0.25 allows remote attacker ...
CVE-2014-9756The psf_fwrite function in file_io.c in libsndfile allows attackers to ...
CVE-2014-9496The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attacke ...
CVE-2011-2696Integer overflow in libsndfile before 1.0.25 allows remote attackers t ...
CVE-2009-4835The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, ( ...
CVE-2009-1791Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 th ...
CVE-2009-1788Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 thr ...
CVE-2009-0186Integer overflow in libsndfile 1.0.18, as used in Winamp and other pro ...
CVE-2007-4974Heap-based buffer overflow in the flac_buffer_copy function in libsndf ...

Security announcements

DSA / DLADescription
DLA-3126-1libsndfile - security update
DLA-3058-1libsndfile - security update
ELA-629-1libsndfile - security update
DSA-4947-1libsndfile - security update
DLA-2722-1libsndfile - security update
ELA-464-1libsndfile - security update
DLA-2418-1libsndfile - security update
ELA-305-1libsndfile - security update
DLA-1712-1libsndfile - security update
ELA-93-1libsndfile - security update
ELA-80-1libsndfile - security update
DLA-1632-1libsndfile - security update
DLA-1618-1libsndfile - security update
DLA-1049-1libsndfile - security update
DLA-985-1libsndfile - security update
DLA-956-1libsndfile - security update
DLA-928-1libsndfile - security update
DLA-356-1libsndfile - security update
DSA-2288-1libsndfile - integer overflow
DSA-1814-1libsndfile - arbitrary code execution
DSA-1742-1libsndfile - arbitrary code execution
DSA-1442-1libsndfile

Search for package or bug name: Reporting problems