3426b37ebb
It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash. Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| .. | ||
| 0001-double64_init-Check-psf-sf.channels-against-upper-bo.patch | ||
| 0002-Check-MAX_CHANNELS-in-sndfile-deinterleave.patch | ||
| 0003-a-ulaw-fix-multiple-buffer-overflows-432.patch | ||
| 0004-src-wav.c-Fix-heap-read-overflow.patch | ||
| 0005-wav_write_header-don-t-read-past-the-array-end.patch | ||
| Config.in | ||
| libsndfile.hash | ||
| libsndfile.mk | ||