An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack, related to mishandling of the NAN and INFINITY floating-point values. Upstream issue: https://github.com/erikd/libsndfile/issues/317 Upstream patch: https://github.com/fabiangreffrath/libsndfile/commit/2d54514a4f6437b67829717c05472d2e3300a258
Created libsndfile tracking bugs for this issue: Affects: fedora-all [bug 1499988]