Bug ID 1026979
Summary VUL-1: audiofile: heap-based buffer overflow in MSADPCM::initializeCoefficients (MSADPCM.cpp)
Classification openSUSE
Product openSUSE Distribution
Version Leap 42.2
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter mikhail.kasimov@gmail.com
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

Ref: http://seclists.org/oss-sec/2017/q1/505
=============================================

=============================================

https://software.opensuse.org/package/audiofile

TW|42.{1,2}: 0.3.6

VUL-1 because: http://seclists.org/oss-sec/2017/q1/504
========================================================
Hello all.

I discovered multiple crashes in the audiofile library.
The maintainer was informed privately, I didn't see reactions and all details
are public on my blog.
I posted them to the cveform too, but I didn't get response.
I'll send update if something will change. 

--
Agostino Sarubbo
Gentoo Linux Developer
========================================================

You are receiving this mail because: