Accepted libsndfile 1.0.18-2+squeeze1 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 11 Sep 2009 21:50:21 -0500
Source: libsndfile
Binary: libsndfile1-dev libsndfile1 sndfile-programs
Architecture: source i386
Version: 1.0.18-2+squeeze1
Distribution: testing-security
Urgency: high
Maintainer: Samuel Mimram <smimram@debian.org>
Changed-By: Raphael Geissert <geissert@debian.org>
Description:
libsndfile1 - Library for reading/writing audio files
libsndfile1-dev - Library for reading/writing audio files
sndfile-programs - Sample programs that use libsndfile
Closes: 528650
Changes:
libsndfile (1.0.18-2+squeeze1) testing-security; urgency=high
.
* Non-maintainer upload by the Testing Security Team.
* Upload to testing due to several issues blocking migration of new release
* The following issues are fixed:
- CVE-2009-1788: heap-based buffer overflow in voc_read_header
leading to arbitrary code execution via crafted VOC headers.
- CVE-2009-1791: heap-based buffer overflow in aiff_read_header
leading to arbitrary code execution via crafted AIFF headers.
(Closes: #528650).
- CVE-2009-0186: integer overflow leading to a heap-based buffer overflow
via a crafted CAF file by limiting the number of channels per frame.
Checksums-Sha1:
2278339cd19bb4dcad5c27a27de1803c43cb2e24 1220 libsndfile_1.0.18-2+squeeze1.dsc
d0fb643dc5b1030cf769e06d1260c70320fc877e 923666 libsndfile_1.0.18.orig.tar.gz
90be2336e0001c85074d068c9e72717564f3b134 10519 libsndfile_1.0.18-2+squeeze1.diff.gz
73f58df9e2f38fe95909d4d19ef107f8d84bc6b6 340352 libsndfile1-dev_1.0.18-2+squeeze1_i386.deb
3c6f2831fe5f5b66afa2a95c6e2ca8a60dadd2f5 213524 libsndfile1_1.0.18-2+squeeze1_i386.deb
1d15863ff01bb577729d6adc692b0ae5768b8dfb 90824 sndfile-programs_1.0.18-2+squeeze1_i386.deb
Checksums-Sha256:
9c221254341720591d995a373cfb26663446df5ea5143c26f6024ebedc587f36 1220 libsndfile_1.0.18-2+squeeze1.dsc
c0821534a8510982d26b3085b148d9091dede53780733515eb49c99a65da293a 923666 libsndfile_1.0.18.orig.tar.gz
ef79b645082d4a7935b9b461dde214d2ef971dccfd9cf3a3950b27945c086290 10519 libsndfile_1.0.18-2+squeeze1.diff.gz
f0df48aec7def082c4272773da1d6aeb3b4c7cd62fa55c4b2f3579557f4aba6b 340352 libsndfile1-dev_1.0.18-2+squeeze1_i386.deb
b674d9d36892d0a9e48fee8e7123e01b522d46b7e4894d8d392c97ac838e0830 213524 libsndfile1_1.0.18-2+squeeze1_i386.deb
cae6bd9aa2c716549065e7cb6082afd2fdaaf9c02b99a8211c9cd7733d603c3c 90824 sndfile-programs_1.0.18-2+squeeze1_i386.deb
Files:
bfcd0eb037b3cd061ee1473d867fe1d7 1220 devel optional libsndfile_1.0.18-2+squeeze1.dsc
9fde6efb1b75ef38398acf856f252416 923666 devel optional libsndfile_1.0.18.orig.tar.gz
3ea60755d2a68a97c16feb7e18f31cc6 10519 devel optional libsndfile_1.0.18-2+squeeze1.diff.gz
17ceb59ccc83d69cfb0f65ea4fd7cabb 340352 libdevel optional libsndfile1-dev_1.0.18-2+squeeze1_i386.deb
1c7e5608d63ff78d6a048230013e70b7 213524 libs optional libsndfile1_1.0.18-2+squeeze1_i386.deb
589c79f46d544d49bf85a2d933781ec8 90824 utils optional sndfile-programs_1.0.18-2+squeeze1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkqseaYACgkQYy49rUbZzlqFDwCglXHTwjynXI5rGYqVW26Sfz0p
+YgAnjra5YgoWKk77T/2cHAxUk7XsvEv
=9hMo
-----END PGP SIGNATURE-----
Accepted:
libsndfile1-dev_1.0.18-2+squeeze1_i386.deb
to pool/main/libs/libsndfile/libsndfile1-dev_1.0.18-2+squeeze1_i386.deb
libsndfile1_1.0.18-2+squeeze1_i386.deb
to pool/main/libs/libsndfile/libsndfile1_1.0.18-2+squeeze1_i386.deb
libsndfile_1.0.18-2+squeeze1.diff.gz
to pool/main/libs/libsndfile/libsndfile_1.0.18-2+squeeze1.diff.gz
libsndfile_1.0.18-2+squeeze1.dsc
to pool/main/libs/libsndfile/libsndfile_1.0.18-2+squeeze1.dsc
sndfile-programs_1.0.18-2+squeeze1_i386.deb
to pool/main/libs/libsndfile/sndfile-programs_1.0.18-2+squeeze1_i386.deb
Reply to: