CVE-2007-4974 heap overflow via crafted PCM data

Related Vulnerabilities: CVE-2007-4974  

Debian Bug report logs - #443386
CVE-2007-4974 heap overflow via crafted PCM data


Reported by: Nico Golde <nion@debian.org>

Date: Thu, 20 Sep 2007 23:09:01 UTC

Severity: grave

Tags: security

Found in version 1.0.16-1

Fixed in version 1.0.17-4

Done: Samuel Mimram <smimram@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Samuel Mimram <smimram@debian.org>:
Bug#443386; Package libsndfile.


Acknowledgement sent to Nico Golde <nion@debian.org>:
New Bug report received and forwarded. Copy sent to Samuel Mimram <smimram@debian.org>.


Message #5 received at submit@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: submit@bugs.debian.org
Subject: CVE-2007-4974 heap overflow via crafted PCM data
Date: Fri, 21 Sep 2007 01:06:43 +0200
[Message part 1 (text/plain, inline)]
Package: libsndfile
Version: 1.0.16-1
Severity: grave
Tags: security

Hi,
a CVE was published for libsndfile.
CVE-2007-4974[0]:
Heap-based buffer overflow in libsndfile 1.0.17 and earlier 
might allow remote attackers to execute arbitrary code via a 
FLAC file with crafted PCM data containing a block with a 
size that exceeds the previous block size.

If you fix this bug please include the CVE id in the 
changelog data.

See https://bugs.gentoo.org/show_bug.cgi?id=192834 for 
further information and patch.

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4974

Kind regards
Nico
-- 
Nico Golde - http://ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[Message part 2 (application/pgp-signature, inline)]
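
An added illustration of the bug class named in the CVE text above (a later block larger than the one the buffer was sized for); it is not part of the original report and is not libsndfile's code. The names `decoder_t`, `store_block_unchecked`, `store_block_checked` and the `MAX_BLOCK_SAMPLES` cap are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define MAX_BLOCK_SAMPLES 65535u   /* assumed cap for this example */

/* Hypothetical decoder state: one sample buffer reused for every block. */
typedef struct {
    int32_t *buf;       /* decoded PCM samples */
    size_t   capacity;  /* number of samples buf can hold */
} decoder_t;

/* Unsafe pattern: the buffer is sized once, from the first block, and
 * later blocks are copied in without comparing their size to capacity. */
int store_block_unchecked(decoder_t *d, const int32_t *pcm, size_t blocksize) {
    if (d->buf == NULL) {
        d->buf = malloc(blocksize * sizeof *d->buf);
        if (d->buf == NULL)
            return -1;
        d->capacity = blocksize;
    }
    memcpy(d->buf, pcm, blocksize * sizeof *d->buf); /* overflows if blocksize > capacity */
    return 0;
}

/* Hardened form: validate the size, then grow the buffer before copying. */
int store_block_checked(decoder_t *d, const int32_t *pcm, size_t blocksize) {
    if (blocksize == 0 || blocksize > MAX_BLOCK_SAMPLES)
        return -1;                        /* reject implausible sizes */
    if (blocksize > d->capacity) {
        int32_t *grown = realloc(d->buf, blocksize * sizeof *grown);
        if (grown == NULL)
            return -1;                    /* old buffer stays valid */
        d->buf = grown;
        d->capacity = blocksize;
    }
    memcpy(d->buf, pcm, blocksize * sizeof *d->buf);
    return 0;
}

/* Constructed input: a 4-sample block followed by a 16-sample block.
 * Returns the final buffer capacity, or 0 if either store failed. */
size_t demo_growing_blocks(void) {
    int32_t small[4] = {1, 2, 3, 4}, large[16] = {[15] = 99};
    decoder_t d = {NULL, 0};
    int ok = store_block_checked(&d, small, 4) == 0 &&
             store_block_checked(&d, large, 16) == 0 && d.buf[15] == 99;
    size_t cap = ok ? d.capacity : 0;
    free(d.buf);
    return cap;
}
```
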

Information forwarded to debian-bugs-dist@lists.debian.org, Samuel Mimram <smimram@debian.org>:
Bug#443386; Package libsndfile.


Acknowledgement sent to Erik de Castro Lopo <erikd@mega-nerd.com>:
Extra info received and forwarded to list. Copy sent to Samuel Mimram <smimram@debian.org>.


Message #10 received at 443386@bugs.debian.org:

From: Erik de Castro Lopo <erikd@mega-nerd.com>
To: Nico Golde <nion@debian.org>, 443386@bugs.debian.org
Subject: Re: Bug#443386: CVE-2007-4974 heap overflow via crafted PCM data
Date: Fri, 21 Sep 2007 10:04:55 +1000
Nico Golde wrote:

> If you fix this bug please include the CVE id in the 
> changelog data.

It has already been fixed, so there is no mention of the CVE id
in the changelog.

> [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4974

Err, that URL doesn't give me anything useful.

Erik
-- 
-----------------------------------------------------------------
Erik de Castro Lopo
-----------------------------------------------------------------
Unsolicited Broadcast Email is Forced Pay-per-view
Advertising.




Reply sent to Samuel Mimram <smimram@debian.org>:
You have taken responsibility.


Notification sent to Nico Golde <nion@debian.org>:
Bug acknowledged by developer.


Message #15 received at 443386-close@bugs.debian.org:

From: Samuel Mimram <smimram@debian.org>
To: 443386-close@bugs.debian.org
Subject: Bug#443386: fixed in libsndfile 1.0.17-4
Date: Fri, 21 Sep 2007 00:02:11 +0000
Source: libsndfile
Source-Version: 1.0.17-4

We believe that the bug you reported is fixed in the latest version of
libsndfile, which is due to be installed in the Debian FTP archive:

libsndfile1-dev_1.0.17-4_i386.deb
  to pool/main/libs/libsndfile/libsndfile1-dev_1.0.17-4_i386.deb
libsndfile1_1.0.17-4_i386.deb
  to pool/main/libs/libsndfile/libsndfile1_1.0.17-4_i386.deb
libsndfile_1.0.17-4.diff.gz
  to pool/main/libs/libsndfile/libsndfile_1.0.17-4.diff.gz
libsndfile_1.0.17-4.dsc
  to pool/main/libs/libsndfile/libsndfile_1.0.17-4.dsc
sndfile-programs_1.0.17-4_i386.deb
  to pool/main/libs/libsndfile/sndfile-programs_1.0.17-4_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 443386@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Samuel Mimram <smimram@debian.org> (supplier of updated libsndfile package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 20 Sep 2007 23:40:17 +0000
Source: libsndfile
Binary: libsndfile1 libsndfile1-dev sndfile-programs
Architecture: source i386
Version: 1.0.17-4
Distribution: unstable
Urgency: low
Maintainer: Samuel Mimram <smimram@debian.org>
Changed-By: Samuel Mimram <smimram@debian.org>
Description: 
 libsndfile1 - Library for reading/writing audio files
 libsndfile1-dev - Library for reading/writing audio files
 sndfile-programs - Sample programs that use libsndfile
Closes: 443386
Changes: 
 libsndfile (1.0.17-4) unstable; urgency=low
 .
   * Added overflow.dpatch to fix a possible heap-based buffer overflow
     (CVE-2007-4974), closes: #443386.
Files: 
 0699bba5f79d92ac39aecdd8036e9b71 703 devel optional libsndfile_1.0.17-4.dsc
 c264e3c8f9d3a157f143ed03eee3991c 9666 devel optional libsndfile_1.0.17-4.diff.gz
 3552eb74be37724ddbd68719c1051796 323414 libdevel optional libsndfile1-dev_1.0.17-4_i386.deb
 ddaac07082d16397cb81dd2466b61c46 196254 libs optional libsndfile1_1.0.17-4_i386.deb
 60c22fa21d0ab9096effc6e441ff3ea1 75908 utils optional sndfile-programs_1.0.17-4_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG8wa2Iae1O4AJae8RAu70AJ0f5gsCuhKCMKPdYYtPZjI8yRkebQCfYjzU
L9wQAISAEFOofInt8LSNAm8=
=YeoL
-----END PGP SIGNATURE-----





Information forwarded to debian-bugs-dist@lists.debian.org, Samuel Mimram <smimram@debian.org>:
Bug#443386; Package libsndfile.


Acknowledgement sent to Samuel Mimram <samuel.mimram@ens-lyon.org>:
Extra info received and forwarded to list. Copy sent to Samuel Mimram <smimram@debian.org>.


Message #20 received at 443386@bugs.debian.org:

From: Samuel Mimram <samuel.mimram@ens-lyon.org>
To: Erik de Castro Lopo <erikd@mega-nerd.com>, 443386@bugs.debian.org
Cc: Nico Golde <nion@debian.org>
Subject: Re: Bug#443386: CVE-2007-4974 heap overflow via crafted PCM data
Date: Fri, 21 Sep 2007 01:19:37 +0100
Erik de Castro Lopo wrote:
> Nico Golde wrote:
> 
>> If you fix this bug please include the CVE id in the 
>> changelog data.
> 
> It has already been fixed, so there is no mention of the CVE id
> in the changelog.

Do you mean that it is already fixed in the version that Debian is
shipping (1.0.17)??? Just to make sure, the changelog mentioned here is
the one of the Debian package.

Cheers,

Samuel.




Information forwarded to debian-bugs-dist@lists.debian.org, Samuel Mimram <smimram@debian.org>:
Bug#443386; Package libsndfile.


Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Samuel Mimram <smimram@debian.org>.


Message #25 received at 443386@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: Erik de Castro Lopo <erikd@mega-nerd.com>, 443386@bugs.debian.org
Subject: Re: Bug#443386: CVE-2007-4974 heap overflow via crafted PCM data
Date: Fri, 21 Sep 2007 02:27:16 +0200
[Message part 1 (text/plain, inline)]
Hi,
* Erik de Castro Lopo <erikd@mega-nerd.com> [2007-09-21 02:16]:
> Nico Golde wrote:
> 
> > If you fix this bug please include the CVE id in the 
> > changelog data.
> 
> It has already been fixed, so there is no mention of the CVE id
> in the changelog.

At least 1.0.17-3, testing and stable were vulnerable when 
reporting this issue.

> > [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4974
> 
> Err, that URL doesn't give me anything useful.

It does give you a link to the gentoo bts where you find a 
patch.
Cheers
Nico
> 
> Erik
> -- 
> -----------------------------------------------------------------
> Erik de Castro Lopo
> -----------------------------------------------------------------
> Unsolicited Broadcast Email is Forced Pay-per-view
> Advertising.
> 
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 

-- 
Nico Golde - http://ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[Message part 2 (application/pgp-signature, inline)]

Bug marked as found in version 1.0.16-1. Request was from Nico Golde <nion@debian.org> to control@bugs.debian.org. (Fri, 21 Sep 2007 00:30:02 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Samuel Mimram <smimram@debian.org>:
Bug#443386; Package libsndfile.


Acknowledgement sent to Erik de Castro Lopo <erikd@mega-nerd.com>:
Extra info received and forwarded to list. Copy sent to Samuel Mimram <smimram@debian.org>.


Message #32 received at 443386@bugs.debian.org:

From: Erik de Castro Lopo <erikd@mega-nerd.com>
To: Nico Golde <nion@debian.org>
Cc: 443386@bugs.debian.org
Subject: Re: Bug#443386: CVE-2007-4974 heap overflow via crafted PCM data
Date: Fri, 21 Sep 2007 11:44:32 +1000
Nico Golde wrote:

> Hi,
> * Erik de Castro Lopo <erikd@mega-nerd.com> [2007-09-21 02:16]:
> > Nico Golde wrote:
> > 
> > > If you fix this bug please include the CVE id in the 
> > > changelog data.
> > 
> > It has already been fixed, so there is no mention of the CVE id
> > in the changelog.
> 
> At least 1.0.17-3, testing and stable were vulnerable when 
> reporting this issue.

Ah, I'm the upstream author and I was talking about my changelog
for the code currently in Bzr.

> > > [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4974
> > 
> > Err, that URL doesn't give me anything useful.
> 
> It does give you a link to the gentoo bts where you find a 
> patch.

Ok, got it. That was my patch.

Cheers,
Erik
-- 
-----------------------------------------------------------------
Erik de Castro Lopo
-----------------------------------------------------------------
Microsoft VISTA : Virus Infection Spyware Trojans and Adware!




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 16 Mar 2009 10:21:57 GMT)



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 19:00:03 2019; Machine Name: buxtehude
