Package: libsndfile
Version: 1.0.16-1
Severity: grave
Tags: security

Hi,
a CVE was published for libsndfile.
CVE-2007-4974[0]:
Heap-based buffer overflow in libsndfile 1.0.17 and earlier 
might allow remote attackers to execute arbitrary code via a 
FLAC file with crafted PCM data containing a block with a 
size that exceeds the previous block size.

If you fix this bug please include the CVE id in the 
changelog data.

See https://bugs.gentoo.org/show_bug.cgi?id=192834 for 
further information and patch.

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4974

Kind regards
Nico
-- 
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
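Added example, not part of the original report and not libsndfile's code: a minimal C sketch of the bug class the CVE text describes, where a decode buffer sized for an earlier block receives a later, larger block. The names `block_store`, `store_block` and `free_store` and the bounds used are assumptions made for illustration; the actual fix is the patch referenced in the Gentoo bug.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical decoder state; names are illustrative, not libsndfile's. */
#define MAX_BLOCK_FRAMES 65535u   /* assumed upper bound on frames per block */
#define MAX_CHANNELS     8u       /* assumed upper bound on channel count */

typedef struct {
    int32_t *buf;   /* heap buffer holding one decoded block */
    size_t   cap;   /* capacity of buf, in samples */
    size_t   len;   /* samples currently stored */
} block_store;

/* Store one decoded block. The unsafe pattern is to allocate buf for the
 * first block and then copy every later block into it, trusting that the
 * block size never grows. Here each block is checked against cap and the
 * buffer is regrown (or the block rejected) before any copy happens.
 * Returns 0 on success, -1 on a rejected block or allocation failure. */
int store_block(block_store *s, const int32_t *pcm, size_t frames,
                unsigned channels)
{
    if (s == NULL || pcm == NULL || channels == 0 || channels > MAX_CHANNELS)
        return -1;
    if (frames == 0 || frames > MAX_BLOCK_FRAMES)
        return -1;                      /* size outside the assumed bound */

    size_t need = frames * channels;    /* bounded above by 65535 * 8 */
    if (need > s->cap) {
        int32_t *p = realloc(s->buf, need * sizeof *p);
        if (p == NULL)
            return -1;                  /* old buffer and cap stay valid */
        s->buf = p;
        s->cap = need;
    }
    memcpy(s->buf, pcm, need * sizeof *pcm);
    s->len = need;
    return 0;
}

/* Release the buffer and reset the state so it can be reused safely. */
void free_store(block_store *s)
{
    free(s->buf);
    s->buf = NULL;
    s->cap = s->len = 0;
}
```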
