Bug 1291103 - fix for CVE-2015-7805 unclear
Summary: fix for CVE-2015-7805 unclear
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: libsndfile
Version: 23
Hardware: x86_64
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: Andreas Thienemann
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-12-13 22:41 UTC by Lasse Kliemann
Modified: 2016-02-17 01:23 UTC (History)
2 users (show)

Fixed In Version: libsndfile-1.0.25-18.fc23 libsndfile-1.0.25-18.fc22 libsndfile-1.0.17-8.el5
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-12-20 06:52:39 UTC
Type: Bug


Attachments (Terms of Use)

Description Lasse Kliemann 2015-12-13 22:41:04 UTC
Description of problem:
As per <https://bodhi.fedoraproject.org/updates/FEDORA-2015-5afed1aad2>, a fix for CVE-2015-7805 was provided for stable on 2015-11-13, release 17.fc23.

As per 'dnf info libsndfile', I have this version installed here on my FC23 machine. However, the demo from <https://packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html> still makes audacity crash.

Version-Release number of selected component (if applicable):
FC23 and libsndfile 1.0.25 17.fc23.

How reproducible:
Run the Perl script from <https://packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html> and call 'audacity nemux.aiff'.

Actual results:
Segmentation fault.

Expected results:
Audacity should start. I tested this on an Ubuntu-based distribution.

Comment 1 Michal Hlavinka 2015-12-16 17:24:44 UTC
You are right, that patch was incomplete.

Comment 2 Fedora Update System 2015-12-17 10:55:45 UTC
libsndfile-1.0.25-18.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-71b291686c

Comment 3 Fedora Update System 2015-12-17 10:55:47 UTC
libsndfile-1.0.17-8.el5 has been submitted as an update to Fedora EPEL 5. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d1309b0eb2

Comment 4 Fedora Update System 2015-12-17 10:55:57 UTC
libsndfile-1.0.25-18.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2015-0be7a2e1b8

Comment 5 Fedora Update System 2015-12-18 10:19:24 UTC
libsndfile-1.0.17-8.el5 has been pushed to the Fedora EPEL 5 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
$ su -c 'yum --enablerepo=epel-testing update libsndfile'
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d1309b0eb2

Comment 6 Fedora Update System 2015-12-18 11:27:21 UTC
libsndfile-1.0.25-18.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
$ su -c 'dnf --enablerepo=updates-testing update libsndfile'
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-0be7a2e1b8

Comment 7 Fedora Update System 2015-12-18 11:56:02 UTC
libsndfile-1.0.25-18.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
$ su -c 'dnf --enablerepo=updates-testing update libsndfile'
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-71b291686c

Comment 8 Fedora Update System 2015-12-20 06:52:27 UTC
libsndfile-1.0.25-18.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Comment 9 Fedora Update System 2016-01-22 03:19:26 UTC
libsndfile-1.0.25-18.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.

Comment 10 Fedora Update System 2016-02-17 01:22:51 UTC
libsndfile-1.0.17-8.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.