[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#49817] [PATCH] gnu: libsndfile: Update to 1.1.0beta1 [fixes CVE-202

From: Bruno Victal
Subject: [bug#49817] [PATCH] gnu: libsndfile: Update to 1.1.0beta1 [fixes CVE-2021-3246].
Date: Sun, 2 Apr 2023 13:59:16 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.9.1

Hi Leo,

On 2021-08-01 23:31, Leo Famulari wrote:
> CVE-2021-3246 is "A heap buffer overflow vulnerability in msadpcm_decode_block
> of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted
> WAV file."

What's blocking this from being merged?
(Perhaps it's also a chance to plug it into core-updates to avoid adding the 


reply via email to

[Prev in Thread] Current Thread [Next in Thread]