drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in libsndfile
| Name: |
Denial of Service in libsndfile |
|
| ID: |
USN-7267-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 16.04 LTS |
|
| Datum: |
Fr, 14. Februar 2025, 07:10 |
|
| Referenzen: |
https://www.cve.org/CVERecord?id=CVE-2024-50612 |
|
| Applikationen: |
libsndfile |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============4307305704110050515==
Content-Language: en-US
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="------------QKhU8FaQNt0lFVVVVhHQt8gT"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--------------QKhU8FaQNt0lFVVVVhHQt8gT
Content-Type: multipart/mixed;
boundary="------------Q9p2avtkwLtB6sHdHDiQeUGV";
protected-headers="v1"
From: Ian Constantin <ian.constantin@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID: <65621bc9-12a6-4b3d-b7df-9326cb3bedd7@canonical.com>
Subject: [USN-7267-1] libsndfile vulnerability
--------------Q9p2avtkwLtB6sHdHDiQeUGV
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: base64
==========================================================================
Ubuntu Security Notice USN-7267-1
February 13, 2025
libsndfile vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
libsndfile could be made to crash if it opened a specially crafted file.
Software Description:
- libsndfile: Library for reading/writing audio files
Details:
It was discovered that libsndfile incorrectly handled certain malformed
OggVorbis files. An attacker could possibly use this issue to cause
libsndfile to crash, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS
libsndfile1 1.0.25-10ubuntu0.16.04.3+esm4
Available with Ubuntu Pro
sndfile-programs 1.0.25-10ubuntu0.16.04.3+esm4
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7267-1
CVE-2024-50612
--------------Q9p2avtkwLtB6sHdHDiQeUGV--
--------------QKhU8FaQNt0lFVVVVhHQt8gT
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature.asc"
-----BEGIN PGP SIGNATURE-----
wsD5BAABCAAjFiEEcxdv4gCCE8W9nrt5a1+PL+d1/EgFAmeuGjUFAwAAAAAACgkQa1+PL+d1/Ejv
twv/ULR3+trdnnJCaIejSne3JRg3LJnVVCMJccHcPFFgdtvu8N4qQ+9RwCkJds/uinqacrVKsJ3X
CMkCZM4scPx4GKf7Hm9tsIz7+ffrQ30DabEJC/m1e4E7swKrL3jET33Lud1T3kWHoir7e+3XAt4T
kpaLof9miXF7J0DKHNa0bcZVpoqQqPFc4PzifnHjD/FpLUwTsuLraXmKH0C9b9wm6G3t+5qY38v9
kta+v5w1uUsOo5Wr4NJasGy5rI+2JYTHvriVNopDKQBmY2XVCLbvOVs+zJYUBaZAqqr7ENw9RmgM
Kem42sYU5SuSgX6JpxmIWaFakTVs2XGa9xN5deqIB+WqyJErcGwIMvrh4DQfJ3Ot2hObqYpQcvtL
cdPW1fDUCqm9Qs8FFzWJZIFtMMgNTSpDzQzmLTvanpm2BsFdqVRv0ubjuzojjSlQuarVzy9CWYIB
FdzrtjpfMCgkFT7f5Hvsyh2xZ6ban3W+mDoWR1y9fnqu5gR2R2zCSoX8LNPz
=wpZH
-----END PGP SIGNATURE-----
--------------QKhU8FaQNt0lFVVVVhHQt8gT--
--===============4307305704110050515==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
Cg==
--===============4307305704110050515==--
|
|
|
|
