Bug 488364 - CVE-2009-0186 libsndfile: overflows may lead to execution of arbitrary code [epel-5]
CVE-2009-0186 libsndfile: overflows may lead to execution of arbitrary code [...
Status: CLOSED ERRATA
Product: Fedora EPEL
Classification: Fedora
Component: libsndfile (Show other bugs)
el5
All Linux
low Severity medium
: ---
: ---
Assigned To: Andreas Thienemann
Fedora Extras Quality Assurance
ActualBug
: Security
Depends On:
Blocks: CVE-2009-0186
  Show dependency treegraph
 
Reported: 2009-03-03 16:51 EST by Vincent Danen
Modified: 2010-07-21 08:24 EDT (History)
4 users (show)

See Also:
Fixed In Version: libsndfile-1.0.17-3.el5
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-07-21 08:24:29 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch from upstream (769 bytes, patch)
2010-07-07 09:34 EDT, Michal Hlavinka
no flags Details | Diff

  None (edit)
Description Vincent Danen 2009-03-03 16:51:22 EST
epel-5 tracking bug: see blocks bug list for full details of the security issue(s).



[bug automatically created by: add-tracking-bugs]
Comment 1 Michal Hlavinka 2010-07-07 09:34:13 EDT
Created attachment 430067 [details]
patch from upstream
Comment 2 Michel Alexandre Salim 2010-07-07 19:18:23 EDT
(In reply to comment #1)
> Created an attachment (id=430067) [details]
> patch from upstream    

Thanks; building now. Oddly, the libsndfile-1_0_17-3_el5 tag already exists in CVS, even though the spec file was still at -2 -- since CVS was still at -2 and there was no Koji build for -3, I've re-tagged my build as -3.

Michal, since you're already maintaining the EL-6 branch, I'll defer to you for EL-5 updates once you get co-maintainership.
Comment 3 Fedora Update System 2010-07-07 19:23:09 EDT
libsndfile-1.0.17-3.el5 has been submitted as an update for Fedora EPEL 5.
http://admin.fedoraproject.org/updates/libsndfile-1.0.17-3.el5
Comment 4 Fedora Update System 2010-07-09 01:54:06 EDT
libsndfile-1.0.17-3.el5 has been pushed to the Fedora EPEL 5 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update libsndfile'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/libsndfile-1.0.17-3.el5
Comment 5 Fedora Update System 2010-07-21 08:24:21 EDT
libsndfile-1.0.17-3.el5 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.