SoundTouch library is vulnerable to reachable assertion in RateTransposer::setChannels() function that can cause denial of service to applications using this library for processing the untrusted file input.
A flaw was found in Olli Parviainen SoundTouch 2.0. The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.
Created soundtouch tracking bugs for this issue:
Affects: epel-6 [bug 1601621]
Affects: fedora-all [bug 1601620]
This is fixed by the following upstream commit: