Oval Definition:oval:org.mitre.oval:def:12594
Revision Date:2014-07-21Version:20
Title:DSA-1972-2 audiofile -- buffer overflow
Description:This advisory adds the packages for the old stable distribution, with the exception of the mips packages. The updates for the mips architecture will be released when they become available. The packages for the stable distribution have been released in DSA-1972-1. For reference, the advisory text is provided below. Max Kellermann discovered a heap-based buffer overflow in the handling of ADPCM WAV files in libaudiofile. This flaw could result in a denial of service or possibly execution of arbitrary code via a crafted WAV file. The old stable distribution, this problem has been fixed in version 0.2.6-6+etch1. For the stable distribution, this problem has been fixed in version 0.2.6-7+lenny1. For the testing distribution and the unstable distribution, this problem has been fixed in version 0.2.6-7.1. We recommend that you upgrade your audiofile packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2008-5824
DSA-1972-2
Platform(s):Debian GNU/Linux 4.0
Product(s):audiofile
Definition Synopsis
  • Debian GNU/Linux 4.0 is installed.
  • AND Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • libaudiofile0 DPKG is earlier than 0.2.6-6+etch1
  • OR libaudiofile-dev DPKG is earlier than 0.2.6-6+etch1
    • BACK