drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in libsamplerate
| Name: |
Pufferüberlauf in libsamplerate |
|
| ID: |
USN-5749-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 16.04 ESM |
|
| Datum: |
Mi, 30. November 2022, 07:03 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7697 |
|
| Applikationen: |
Secret Rabbit Code |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============8198410101926795045==
Content-Language: en-US
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="------------lLOcEpXfkGI1hFtUiNfj4ui8"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--------------lLOcEpXfkGI1hFtUiNfj4ui8
Content-Type: multipart/mixed;
boundary="------------LKPgT8l0aNoa7QVhx1PAndR5";
protected-headers="v1"
From: Ian Constantin <ian.constantin@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID: <6b15cf25-1de8-d1a4-04f8-ae99140b5e95@canonical.com>
Subject: [USN-5749-1] libsamplerate vulnerability
--------------LKPgT8l0aNoa7QVhx1PAndR5
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: base64
==========================================================================
Ubuntu Security Notice USN-5749-1
November 29, 2022
libsamplerate vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
Summary:
libsamplerate could cause a crash if it processed a specially crafted
audio file.
Software Description:
- libsamplerate: Audio sample rate conversion library
Details:
Erik de Castro Lopo and Agostino Sarubbo discovered that libsamplerate
did not properly perform bounds checking. If a user were tricked into
processing a specially crafted audio file, an attacker could possibly
use this issue to cause a crash.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
libsamplerate0 0.1.8-8ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5749-1
CVE-2017-7697
--------------LKPgT8l0aNoa7QVhx1PAndR5--
--------------lLOcEpXfkGI1hFtUiNfj4ui8
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature"
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEEcxdv4gCCE8W9nrt5a1+PL+d1/EgFAmOGg9QACgkQa1+PL+d1
/EjJ8AwAm9x7zlfkky2myPrbYTxJ3Nimz0i0X8bfdezRvr/DrIEff1vyLpG4sfK2
b5eY5NqP2k8/S08nvmU+pVNiFQeuPxkEs4li8vpfSCcL47qSuABoBPhmSRBQPYJ2
ZNo8geY4g2GnE2H3GHlAmyPPp8euqpYE12LBeQEe+jrztdhwBoGXucxnURJSBtaD
FZ/jXgGTAAKeek9x8ZOZCFTAJEa+5yjfMS+5RHSkaB2KVqr+EJf3iAmYk7w/FtdR
fWSNtRIYvGB0lck0Wjx7RNEHI3D7jTAfTCC+oXE6e96IRe/IJdq6aiXrCQPlGj8/
JN5cn4KciW6W4yfLfCsJuUvl+SqhztLhNeh0VfzUTsuxuE5CkgPE28saZ3OfqwbS
K3b4BfBNdjeu1k//5ToD1retgEaU78s7S6jBa0UJJ37Q314cfVrCV2C25kyOCOg/
QH8OI34X9YdO78XcCh64tkHbam60R+q6sgktLTX9/LrzO+geoxSdJwg45rU48FS6
qAFLhCaO
=tDZw
-----END PGP SIGNATURE-----
--------------lLOcEpXfkGI1hFtUiNfj4ui8--
--===============8198410101926795045==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
Cg==
--===============8198410101926795045==--
|
|
|
|
