Attached is a patch which fixes all these problems.
Cheers,
Erik
PS : I am the upstream author and this is the patch I applied to my
development version.
--
--
Erik de Castro Lopo
http://www.mega-nerd.com/
=== modified fi
Hi,
* Erik de Castro Lopo [2009-05-28 11:52]:
> Sami Liedes wrote:
[...]
> > I don't know what the security impact is, but since I assume
> > libsndfile is used by lots of applications for data obtained from
> > untrusted sources, I thought I'd tag this security. In any case it
> > should be at m
On Thu, May 28, 2009 at 05:53:03PM +1000, Erik de Castro Lopo wrote:
> Sami Liedes wrote:
>
> > I have discovered six different SIGFPE crashes with crafted input
> > files in libsndfile. Triggering input files are attached.
>
> Seems the debian bug tracker filtered them out. Can you please send
Sami Liedes wrote:
> I have discovered six different SIGFPE crashes with crafted input
> files in libsndfile. Triggering input files are attached.
Seems the debian bug tracker filtered them out. Can you please send
them directly to me?
> I don't know what the security impact is, but since I ass
Package: libsndfile1
Version: 1.0.20-1
Severity: normal
Tags: security
Hi,
I have discovered six different SIGFPE crashes with crafted input
files in libsndfile. Triggering input files are attached.
The crashes are:
1) in htk.c:198 (htk_read_header), divisor sample_period can be 0.
2) in alaw.
5 matches
Mail list logo
