libsndfile: CVE-2015-7805: Heap overflow vulnerability when parsing specially crafted AIFF header

Debian Bug report logs - #804445
libsndfile: CVE-2015-7805: Heap overflow vulnerability when parsing specially crafted AIFF header

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: libsndfile: CVE-2015-7805: Heap overflow vulnerability when parsing specially crafted AIFF header

Date: Sun, 08 Nov 2015 17:11:02 +0100

Source: libsndfile
Version: 1.0.25-5
Severity: grave
Tags: security upstream

Hi,

(Setting severity to grave for now, but not fully evaluated)

The following vulnerability was published for libsndfile.

CVE-2015-7805[0]:
| Heap overflow vulnerability when parsing specially crafted AIFF
| header

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2015-7805
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1277897
[2] https://bugzilla.novell.com/show_bug.cgi?id=953516

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Message #10 received at 804445-close@bugs.debian.org (full text, mbox, reply):

From: Erik de Castro Lopo <erikd@mega-nerd.com>

To: 804445-close@bugs.debian.org

Subject: Bug#804445: fixed in libsndfile 1.0.25-10

Date: Wed, 11 Nov 2015 01:50:53 +0000

Source: libsndfile
Source-Version: 1.0.25-10

We believe that the bug you reported is fixed in the latest version of
libsndfile, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 804445@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Erik de Castro Lopo <erikd@mega-nerd.com> (supplier of updated libsndfile package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 10 Nov 2015 20:36:47 +1100
Source: libsndfile
Binary: libsndfile1-dev libsndfile1 sndfile-programs libsndfile1-dbg sndfile-programs-dbg
Architecture: source amd64
Version: 1.0.25-10
Distribution: unstable
Urgency: low
Maintainer: Erik de Castro Lopo <erikd@mega-nerd.com>
Changed-By: Erik de Castro Lopo <erikd@mega-nerd.com>
Description:
 libsndfile1 - Library for reading/writing audio files
 libsndfile1-dbg - debugging symbols for libsndfile
 libsndfile1-dev - Development files for libsndfile; a library for reading/writing a
 sndfile-programs - Sample programs that use libsndfile
 sndfile-programs-dbg - debugging symbols for sndfile-programs
Closes: 774162 804445 804447
Changes:
 libsndfile (1.0.25-10) unstable; urgency=low
 .
   * debian/patches :
     - Add 02_sd2_buffer_read_overflow.diff (CVE-2014-9496, closes: #774162).
     - Add 03_file_io_divide_by_zero.diff (CVE-2014-9756, closes: #804447).
     - Add 04_fix_aiff_heap_overflow.diff (CVE-2015-7805, closes: #804445).
   * debian/control: Standards version 3.9.6. No changes needed.
Checksums-Sha1:
 d934446abfa2c193b07dd8a0ebe923cd13643d2f 2105 libsndfile_1.0.25-10.dsc
 e95d9fca57f7ddace9f197071cbcfb92fa16748e 1060692 libsndfile_1.0.25.orig.tar.gz
 295b6d86cecd95217bea5c567a04578035f81acc 12352 libsndfile_1.0.25-10.debian.tar.xz
 955b9bdd61600c700bcbd70767ce14ca682b6fcd 360730 libsndfile1-dbg_1.0.25-10_amd64.deb
 c5b2a3026056de6f362cc0d6b9cfd5236384f7e5 723262 libsndfile1-dev_1.0.25-10_amd64.deb
 286ad76177d34316cb61c594394582692487dfbf 214452 libsndfile1_1.0.25-10_amd64.deb
 5520fa0b2d70fbdf8d53848d321507aff794e16c 139390 sndfile-programs-dbg_1.0.25-10_amd64.deb
 ef4a71eae9478ecc01627dd28a540ef00c5e3461 109642 sndfile-programs_1.0.25-10_amd64.deb
Checksums-Sha256:
 22528941859174d0cf517fbb6791f3408087d750aa873aa102e6ca263a45529b 2105 libsndfile_1.0.25-10.dsc
 59016dbd326abe7e2366ded5c344c853829bebfd1702ef26a07ef662d6aa4882 1060692 libsndfile_1.0.25.orig.tar.gz
 5ffa6a5449cde6e8c4076066eb0cdac99acd9186744fbd000bbe854cc505e7ab 12352 libsndfile_1.0.25-10.debian.tar.xz
 ca5808061ce025a074b447a5fb367dbea9a482db71a75d4acd1194abb5b6509a 360730 libsndfile1-dbg_1.0.25-10_amd64.deb
 a2be7fb91b5b05ec7bd26b4df998df0783ec0658a7e4891be2b74a585eaba7d1 723262 libsndfile1-dev_1.0.25-10_amd64.deb
 cc56434aeb5298d8c82cfe9fbbebe978f09580aa6b6e5161ad337064d5944fee 214452 libsndfile1_1.0.25-10_amd64.deb
 d053b4fef815c358731936dbbc5c820de6300f1eb8dce0b3db845363fd06ac31 139390 sndfile-programs-dbg_1.0.25-10_amd64.deb
 d514c5c5676dea2658b4c63929cd74992a90911414b74c527a5514183b682863 109642 sndfile-programs_1.0.25-10_amd64.deb
Files:
 5425b5d95112c6856f7fde9178f5b988 2105 devel optional libsndfile_1.0.25-10.dsc
 e2b7bb637e01022c7d20f95f9c3990a2 1060692 devel optional libsndfile_1.0.25.orig.tar.gz
 80e0b31bab2e18565c05f0068762c7b1 12352 devel optional libsndfile_1.0.25-10.debian.tar.xz
 881aa240f1da7ab49100905c6e77bc1c 360730 debug extra libsndfile1-dbg_1.0.25-10_amd64.deb
 730b4114324b69efc3ffd936a9bb47b7 723262 libdevel optional libsndfile1-dev_1.0.25-10_amd64.deb
 b5415929db68755065a2a0f1ea0828e8 214452 libs optional libsndfile1_1.0.25-10_amd64.deb
 b57ab2473a42a1ba1c5665aa701a9f63 139390 debug extra sndfile-programs-dbg_1.0.25-10_amd64.deb
 9a16c05897c07e2df779e8e75315d9f0 109642 utils optional sndfile-programs_1.0.25-10_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJWQpq4AAoJENfPZGlqN0++OYUP/j0CZVb6n2oX6Y8Qd9bGG+D9
rLb/X+dPGfHA6kaJo80uzQtO7UD+/pCPYNMkbGQWdgNFy/MSMGB+x89FU64w0Dtu
BSx9B9/Udpe1JHOhf4TyNWoxaLQMUYBwT9T3mZM3KAO7aS3S/W+GKEmVkTXwFeqi
/RiX//RZf7ABtSggdsjBTEpDGbfQmDcNeJU4McOVyKcGjltzQYY7iOZ/uRFm2Oqb
Qj0T9CLK02PxajiaU4eCJ7MC6i8Tt205oJZ6H/EnvOBFSDD32fhES24XjNnNOGG8
dvJM2CBSP6m9NaaTk1IfU0EL1J3WIWzuf22TlBQflpCq2cGqsZW+5SQ6VNcOLJ4A
kuYOOGr1d+KH/+1VECrf4JyyHPA+KAP+T2yqYZ3DXwwrP3uacGaKO+j6Vjv1WwPM
Rb8zhOh9BJmNkmm4bWXK1AOkFpqtdEYWDn2z2fnOGM5im8YbT/+gqI78QPDn0xFe
4JITxR4bks2EhJwiPMisrRlSAZtgA8ejeEGcvDHmw/6CtuC/RV562mui1hP6Vd/I
Uen4y6Ibqj0yeTY5UfNgiipISHTUIWZcNCZ6ue5A2Yne7jE+6z0cNbq5HB1EULJt
wm8e/kQLjth4/g4CHSjHfPCgvoAlJr5Cm1I6O6ySgm/vsiCz6LhS0GkabvStXl61
3+EjfOWE440Y0FnhIYYc
=JDnR
-----END PGP SIGNATURE-----

Message #15 received at 804445-close@bugs.debian.org (full text, mbox, reply):

From: Thorsten Alteholz <debian@alteholz.de>

To: 804445-close@bugs.debian.org

Subject: Bug#804445: fixed in libsndfile 1.0.21-3+squeeze2

Date: Mon, 30 Nov 2015 13:19:52 +0000

Source: libsndfile
Source-Version: 1.0.21-3+squeeze2

We believe that the bug you reported is fixed in the latest version of
libsndfile, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 804445@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thorsten Alteholz <debian@alteholz.de> (supplier of updated libsndfile package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 30 Sep 2015 11:03:02 +0100
Source: libsndfile
Binary: libsndfile1-dev libsndfile1 sndfile-programs
Architecture: source i386
Version: 1.0.21-3+squeeze2
Distribution: squeeze-lts
Urgency: high
Maintainer: Erik de Castro Lopo <erikd@mega-nerd.com>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description: 
 libsndfile1 - Library for reading/writing audio files
 libsndfile1-dev - Development files for libsndfile; a library for reading/writing a
 sndfile-programs - Sample programs that use libsndfile
Closes: 774162 804445 804447
Changes: 
 libsndfile (1.0.21-3+squeeze2) squeeze-lts; urgency=high
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * debian/patches :
     - Add 102_sd2_buffer_read_overflow.diff (CVE-2014-9496, closes: #774162).
     - Add 103_file_io_divide_by_zero.diff (CVE-2014-9756, closes: #804447).
     - Add 104_fix_aiff_heap_overflow.diff (CVE-2015-7805, closes: #804445).
Checksums-Sha1: 
 4ee7de4aa13d8b743395a52f3b78e60e9056afeb 2056 libsndfile_1.0.21-3+squeeze2.dsc
 136845a8bb5679e033f8f53fb98ddeb5ee8f1d97 1014722 libsndfile_1.0.21.orig.tar.gz
 6ca902f8c6e3069e111f18078f60fed40fb392bf 12160 libsndfile_1.0.21-3+squeeze2.debian.tar.gz
 9440b09c7473fba04e8c9f16a8f73a3b7954c94a 366168 libsndfile1-dev_1.0.21-3+squeeze2_i386.deb
 f49f3da8ff65662ab5f8b9ee3fafa8a402b3d9f8 237374 libsndfile1_1.0.21-3+squeeze2_i386.deb
 c0716d0b52fa4388b32b5b0bdfcebcfc0e8b8658 107182 sndfile-programs_1.0.21-3+squeeze2_i386.deb
Checksums-Sha256: 
 adc5b0b11d5c4c8c2954bbc579a07f13a409486c005f15a710360173affa283f 2056 libsndfile_1.0.21-3+squeeze2.dsc
 7e9083a2551ff347276d82cdb61f2b4f9cd137c0b76433800e991583ded8ea67 1014722 libsndfile_1.0.21.orig.tar.gz
 d2dc253b243ee12e0e3701e3b0e0880e5793ea4691fc30825a1afea4b4a9fec3 12160 libsndfile_1.0.21-3+squeeze2.debian.tar.gz
 3cd3fcecdc9e7821ba98a897f5ee7fabc8e2d3e1e176533a1de3bc39d2271b27 366168 libsndfile1-dev_1.0.21-3+squeeze2_i386.deb
 f325c5aaaaa45d03eea89694a4660d02c26eeb2a603dd2701cb697881ec54a99 237374 libsndfile1_1.0.21-3+squeeze2_i386.deb
 c4543c03a3f281c7b2495ec43e69f4286950acda02456f5d6847b5f124ef0f42 107182 sndfile-programs_1.0.21-3+squeeze2_i386.deb
Files: 
 4b8528f7f287428c7ae5c79f5380f900 2056 devel optional libsndfile_1.0.21-3+squeeze2.dsc
 880a40ec636ab2185b97f8927299b292 1014722 devel optional libsndfile_1.0.21.orig.tar.gz
 0320ecab5d382b40a8bbe732530f2319 12160 devel optional libsndfile_1.0.21-3+squeeze2.debian.tar.gz
 92059eb05e48c84c09ca77f71523dc99 366168 libdevel optional libsndfile1-dev_1.0.21-3+squeeze2_i386.deb
 5136622747052c47cf0a1281d335d07c 237374 libs optional libsndfile1_1.0.21-3+squeeze2_i386.deb
 9782e906da5fd503a5ee05f8c57a6d15 107182 utils optional sndfile-programs_1.0.21-3+squeeze2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJWXEnjXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHVjoQAIxBB8wINi9qatc9muO5+p9k
Q4IqZQDZ/mkVuvUrfyQhmWvUwFr0N6sGg0TiYrULygANi56tR/NDIkamQ0hahqKw
ewn5Qvq9UheDV0kq5mJT+b0XcideptG6WdeQv/6wPZ/1Cwp95nydyQFnvldn38T6
nIPzERM3m8oaxxz/jkhWy282GRrCUOtXn19+/1il/dimxe64Plv4mRD5VFZ7nPF9
CX35AtEFz2mczxqMr0CRlUg0MK1cXHXzb4KRKiCLtomwKDdkaNw/+2qPb5NblU+b
LCY+huBpWIwVFihpRt8VxFpkQR4Ib15ckX71Ecq08LPi5sygCvzoqdo3/oSl/wVi
CX7PGg55mWgSH95rKkAYDZAteTo5IknR93fJ0XLT4709wMmSTj9xDpbNRmMq1iOY
1WJTQpWdYQJrYjdSZMZ+2ZS3nJ2buSCJi53IZDqRUeIsrqImlCIsCZMale2es8jI
dao/eLVsm2RIX9+3ZOW/h4MmopN6dYRR4JtJfpqgHtO//hE7js9KyCuNCQC0ZXEF
dVg5ZEGykp9cQOkIxsxHdo0a3sCRh41R+2souYiA1NXzZxkCudlUe2Be2JDV+P0b
Z8Pwe4bshEgBUVRbYeYyJXBVrzCqO859GbfpVOYNEclyC7KsYQls0OXNS6LOtzSB
TgVJJ0Dx9ZxYuh4wyuwW
=olp3
-----END PGP SIGNATURE-----

Message #22 received at 804445-close@bugs.debian.org (full text, mbox, reply):

From: Moritz Mühlenhoff <jmm@debian.org>

To: 804445-close@bugs.debian.org

Subject: Bug#804445: fixed in libsndfile 1.0.25-9.1+deb8u1

Date: Thu, 24 Mar 2016 23:18:03 +0000

Source: libsndfile
Source-Version: 1.0.25-9.1+deb8u1

We believe that the bug you reported is fixed in the latest version of
libsndfile, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 804445@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Moritz Mühlenhoff <jmm@debian.org> (supplier of updated libsndfile package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 23 Mar 2016 00:34:11 +0100
Source: libsndfile
Binary: libsndfile1-dev libsndfile1 sndfile-programs libsndfile1-dbg sndfile-programs-dbg
Architecture: source amd64
Version: 1.0.25-9.1+deb8u1
Distribution: jessie
Urgency: medium
Maintainer: Erik de Castro Lopo <erikd@mega-nerd.com>
Changed-By: Moritz Mühlenhoff <jmm@debian.org>
Description:
 libsndfile1 - Library for reading/writing audio files
 libsndfile1-dbg - debugging symbols for libsndfile
 libsndfile1-dev - Development files for libsndfile; a library for reading/writing a
 sndfile-programs - Sample programs that use libsndfile
 sndfile-programs-dbg - debugging symbols for sndfile-programs
Closes: 804445 804447
Changes:
 libsndfile (1.0.25-9.1+deb8u1) jessie; urgency=medium
 .
   * Fix denial of service through division by zero (CVE-2014-9756)
     -> 03_file_io_divide_by_zero.diff (Closes: #804447)
   * Fix heap overflow in AIFF parser (CVE-2015-7805)
     -> 04_fix_aiff_heap_overflow.diff (Closes: #804445)
Checksums-Sha1:
 64cc465e0af1f9dc2bb77a34e8ef37337a8e47f8 2139 libsndfile_1.0.25-9.1+deb8u1.dsc
 b6e2375a06200a5ae36546fdefdbdb57fb5b6bef 12108 libsndfile_1.0.25-9.1+deb8u1.debian.tar.xz
 7d3d3c1ce17ed4ac3faf9495ed190c19c6e58aef 702674 libsndfile1-dev_1.0.25-9.1+deb8u1_amd64.deb
 43e120d90f3885488389ca948fca2f3e3929473d 214796 libsndfile1_1.0.25-9.1+deb8u1_amd64.deb
 c21ca839d4819a6a087794de9a287ce7762e3c06 109180 sndfile-programs_1.0.25-9.1+deb8u1_amd64.deb
 2f7a01c7a2fa77f81ecad3987385d90a305d3a25 345820 libsndfile1-dbg_1.0.25-9.1+deb8u1_amd64.deb
 1c4f9db4a4e626b3aac018ca6c8284cc428c9b87 138434 sndfile-programs-dbg_1.0.25-9.1+deb8u1_amd64.deb
Checksums-Sha256:
 441513a750ed084d7fdc176d267893b9c71d5da43a896d9728738ac69e8b9bc2 2139 libsndfile_1.0.25-9.1+deb8u1.dsc
 a50b9b97d65ba03444f765402e91b878368cf9d6096fdf8635d12d9f4d64b6a1 12108 libsndfile_1.0.25-9.1+deb8u1.debian.tar.xz
 09c8ab6cbd8609eaaae2b8ade0c49295a9e4050c1fd8ae509f4d12257aa0974d 702674 libsndfile1-dev_1.0.25-9.1+deb8u1_amd64.deb
 380f699ef71bf56689d85b3870c198ba233dfb631b9c0318e1107be507fecaff 214796 libsndfile1_1.0.25-9.1+deb8u1_amd64.deb
 d58f3316dd439b536e1684545b6b2a18ef2ba09431f12c9ba5c0c1122857c1ce 109180 sndfile-programs_1.0.25-9.1+deb8u1_amd64.deb
 815f6a5cbccc7e25007cbdc9f3a1aed14af22e27f15ecdcd54c84253be9d637e 345820 libsndfile1-dbg_1.0.25-9.1+deb8u1_amd64.deb
 52ea43d5c26703751c8dc3d51e71906fed71a7f2263f8da341e96ad2d2e90ecd 138434 sndfile-programs-dbg_1.0.25-9.1+deb8u1_amd64.deb
Files:
 b14c99650eb21b67f8985d7bbb4dfa12 2139 devel optional libsndfile_1.0.25-9.1+deb8u1.dsc
 39f22a077d20a5f4af5ec052b3ce6d70 12108 devel optional libsndfile_1.0.25-9.1+deb8u1.debian.tar.xz
 c0098f8c0135c920bdfdd4b5ade64864 702674 libdevel optional libsndfile1-dev_1.0.25-9.1+deb8u1_amd64.deb
 6dfbd0fb0b76b9a79b9f8b4e614874e1 214796 libs optional libsndfile1_1.0.25-9.1+deb8u1_amd64.deb
 822e7c9719f9d4c90bc641c97ffe7f6d 109180 utils optional sndfile-programs_1.0.25-9.1+deb8u1_amd64.deb
 708dc713eaf9f11f1ca07a32067b3eba 345820 debug extra libsndfile1-dbg_1.0.25-9.1+deb8u1_amd64.deb
 8b75409125a8e99a47c4a06b38160b9b 138434 debug extra sndfile-programs-dbg_1.0.25-9.1+deb8u1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJW8xvvAAoJEBDCk7bDfE42wdIP/0Ea8agrw93ii/KOmch7sMKR
LbFtXcZ62vh4zJQc4fNaypPqXtOJB4qC9Bz58W6WbGLz+t3ylNyE56xcLGEG0+fh
FbmonSH3A/9lKMo0vL5VC8+G+HtMdYbSijEGrGQXIhQDile5476iwZW5KJzl0tOu
IwJ+DkUGM6/iMU76D7Y9dZrs/1t7CjFUqA/SN2TGLFhIP7x485+oir+OLMVaPvwV
JV0K5xG/d9v6H/66d4rB6jrZrA2qQ/XYIlmFv5qzoAsjWEEx9tRY1AHQ8pSLYAei
YvN/pWEISK5o3ogsJCJGOElBnUcmP2fpCksw2wVDwJC7lgIte/r2GLbHqA7vk4Y/
EMTTROPZ0dTPbzjbiqfrZ8XUuowJMutGuKg9C9N/6EZjLlBT1AmYQ80rXv9WyWKU
ICq5o004Kvezm4ARGhbrLPyZKSheXowQcDQPmWSlbI5vMFVNonNbnsdNtU/ycHDF
Hthmks4KFiHw8h/H3BzXwnjyo09WcKeNbvcp9surn6eV/Tqa+n9+9wmJU56Tzq/6
Y7pANrQhhZWNDbZqnnJptjRr4PWHRIqCxoFUPfnPb95TdH+zMRodtssNCKTdiHiP
bayObi6NWcytbtdstGDt+IZB3eEHwVkFQor/htB6MyLVncnN+9XeHH7AWcT18ELD
Fsm7/VMZYxxqkXHXnwUI
=rE8O
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.