-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 14 Mar 2009 14:02:28 +0000
Source: libsndfile
Binary: libsndfile1 libsndfile1-dev sndfile-programs
Architecture: source amd64
Version: 1.0.16-2+etch1
Distribution: oldstable-security
Urgency: high
Maintainer: Anand Kumria <wildfire@progsoc.org>
Changed-By: Nico Golde <nion@debian.org>
Description:
libsndfile1 - Library for reading/writing audio files
libsndfile1-dev - Library for reading/writing audio files
sndfile-programs - Sample programs that use libsndfile
Changes:
libsndfile (1.0.16-2+etch1) oldstable-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix integer overflow leading to a heap-based buffer overflow
via a crafted CAF file by limiting the number of channels
per frame (CVE-2009-0186).
Files:
2782d11c87eb6cdbcbb4757bdcba3582 659 devel optional libsndfile_1.0.16-2+etch1.dsc
94c24295ef3f6461e417f7953e3df405 5872 devel optional libsndfile_1.0.16-2+etch1.diff.gz
5590289019e10655b831451a93b10d43 322418 libdevel optional libsndfile1-dev_1.0.16-2+etch1_amd64.deb
a873f6260972d3f18bb5bfcefc355894 187326 libs optional libsndfile1_1.0.16-2+etch1_amd64.deb
3cbb5bbe4f0af88cd8f33e5296427cc3 70686 utils optional sndfile-programs_1.0.16-2+etch1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkm8HCoACgkQHYflSXNkfP9wLQCfW7XoquKIjmctUZ06/fyLRkJd
wfIAn33LIfFnTx84ZN7byq9Yz6tJr6wX
=3IFr
-----END PGP SIGNATURE-----
Accepted:
libsndfile1-dev_1.0.16-2+etch1_amd64.deb
to pool/main/libs/libsndfile/libsndfile1-dev_1.0.16-2+etch1_amd64.deb
libsndfile1_1.0.16-2+etch1_amd64.deb
to pool/main/libs/libsndfile/libsndfile1_1.0.16-2+etch1_amd64.deb
libsndfile_1.0.16-2+etch1.diff.gz
to pool/main/libs/libsndfile/libsndfile_1.0.16-2+etch1.diff.gz
libsndfile_1.0.16-2+etch1.dsc
to pool/main/libs/libsndfile/libsndfile_1.0.16-2+etch1.dsc
sndfile-programs_1.0.16-2+etch1_amd64.deb
to pool/main/libs/libsndfile/sndfile-programs_1.0.16-2+etch1_amd64.deb
