Format: 1.8
Date: Wed, 28 Oct 2020 19:03:02 +0200
Source: libsndfile
Binary: libsndfile1-dev libsndfile1 sndfile-programs libsndfile1-dbg sndfile-programs-dbg
Architecture: source amd64
Version: 1.0.27-3+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Erik de Castro Lopo <erikd@mega-nerd.com>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
 libsndfile1 - Library for reading/writing audio files
 libsndfile1-dbg - debugging symbols for libsndfile
 libsndfile1-dev - Development files for libsndfile; a library for reading/writing a
 sndfile-programs - Sample programs that use libsndfile
 sndfile-programs-dbg - debugging symbols for sndfile-programs
Changes:
 libsndfile (1.0.27-3+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2019-3832
     heap read overflow in wav_write_header due to incomplete fix
     for CVE-2018-19758.
   * CVE-2018-19758
     heap read overflow in wav_write_header
   * CVE-2018-19662, CVE-2018-19661, CVE-2017-14246, CVE-2017-14245
     multiple buffer overflows in a/ulaw functions.
   * CVE-2017-14634
     fix for division by zero errors
   * CVE-2017-6892
     An error in the "aiff_read_chanmap()" function could be exploited
     to cause an out-of-bounds read memory access via a specially
     crafted AIFF file.