-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 28 May 2017 22:52:39 +0200 Source: libsndfile Binary: libsndfile1-dev libsndfile1 sndfile-programs libsndfile1-dbg sndfile-programs-dbg Architecture: source Version: 1.0.27-3 Distribution: unstable Urgency: medium Maintainer: Erik de Castro Lopo <erikd@mega-nerd.com> Changed-By: IOhannes m zmölnig (Debian/GNU) <umlaeute@debian.org> Description: libsndfile1 - Library for reading/writing audio files libsndfile1-dbg - debugging symbols for libsndfile libsndfile1-dev - Development files for libsndfile; a library for reading/writing a sndfile-programs - Sample programs that use libsndfile sndfile-programs-dbg - debugging symbols for sndfile-programs Closes: 860255 862202 862203 862204 862205 Changes: libsndfile (1.0.27-3) unstable; urgency=medium . * Mentioned CVEs fixed by fix_bufferoverflows.patch (CVE-2017-7741, CVE-2017-7586, CVE-2017-7585) * Backported patch for error handling of malicious/broken FLAC files (CVE-2017-7742, CVE-2017-7741, CVE-2017-7585) (Closes: #860255) * Backported patch to fix buffer read overflow in FLAC code (CVE-2017-8362) (Closes: #862204) * Backported patches to fix memory leaks in FLAC code (CVE-2017-8363) (Closes: #862203) * Backported patch to fix buffer overruns in FLAC-code (CVE-2017-8365, CVE-2017-8363, CVE-2017-8361) (Closes: #862205, #862203, #862202) . * Added Vcs-* stanzas to d/control Checksums-Sha1: 1ba035530bd1d8fef1423eca479edf5db8ef2628 2325 libsndfile_1.0.27-3.dsc 3e8f3576bce8dc565b1db811dd7a2861ec6b2b4e 14944 libsndfile_1.0.27-3.debian.tar.xz 3a03ed8d076e305d02e4da85ce5c61d04f41b7da 6992 libsndfile_1.0.27-3_amd64.buildinfo Checksums-Sha256: 2aad1627be9e40b1d46351cf66e8be1c98c9c0c997a4e29560d7bb17b47700e5 2325 libsndfile_1.0.27-3.dsc f0dfb219d920423161d3ecbe5c576cbc7fe0a8169335b9efcad4528ca7e8e463 14944 libsndfile_1.0.27-3.debian.tar.xz f81d2a2c606108ba1243740cd8735964a411c6a2a1d74baf527a660108702cb6 6992 libsndfile_1.0.27-3_amd64.buildinfo Files: 008c5fc1524f3105802fb7f241e989a9 2325 devel optional libsndfile_1.0.27-3.dsc 910e06b21b2dc8607df249118c05f98f 14944 devel optional libsndfile_1.0.27-3.debian.tar.xz ba4e818c2469241f6410594e5ddd9838 6992 devel optional libsndfile_1.0.27-3_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEdAXnRVdICXNIABVttlAZxH96NvgFAlkrOv8ACgkQtlAZxH96 Nvj7+w//Xz+KQYXOLZcJf2t1BtpdTyeqjtOu0huX+QQLRLGcLXDu+uiokLnKGfvG L8iGXb3Pmh0nUgSvw5/1I0XvqgPdgPHpJbEWaVmeqJhz0aAyXaXb5ylXp85P+OM+ oo5vxkTqEwmMhM0FT1LhppM0gZJMPu8FOwEu8b7T7+yfrkFMTgR0z/RQqYUHbYW0 jowy/atUNTp25lnb2G0NhjuSvWxF5lw7QhWQyRo2PvXYl0MgOYkbYuJYx0VxJGhK f7BO1j88CCZFeXc2yG3o7HX5Prairz7hPtd7UNheZF4n9iP8GxhjJOLlf5d1oYZ2 3XqnFP1po0tvNX9ndaYQa/Imp3rWR3lGoyOFtuIDAzfbHsf6fYyD4jD8+jS80PJN cwLiEUtcCe091jdHuqSvRAkHNSo1Pa6zopvZzYmTXU2b9MbefsDKt/WfZ3xIlBoy BofEiBuQ081/lWgDH+fv/vOgHFNy+BnpuPaE2FVG82LC11sgFwt40GJiB1LkhgI0 mjUUoG+qcAIxU5ZjpnBddahk5bkgc2QRnjKeT0rKOATJS5lPLtob3y5jQlEbJnQ3 phz2+zrSAfP7+LPuBp9BBVQMzc5Be0SqlzUTlHEhbxzYUgGnR9DsIXnZ8ancamhC mC5dl6LBd/ii9Uzh/xhZxPc7AQXQvClC5F0pyIyr7bZ3YgeYvAc= =up1C -----END PGP SIGNATURE-----