Security update for audiofile SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:1038-1 Final 1 1 2017-04-18T06:06:00Z current 2017-04-18T06:06:00Z 2017-04-18T06:06:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for audiofile This audiofile update fixes the following issue: Security issues fixed: - CVE-2017-6827: heap-based buffer overflow in MSADPCM::initializeCoefficients (MSADPCM.cpp) (bsc#1026979) - CVE-2017-6828: heap-based buffer overflow in readValue (FileHandle.cpp) (bsc#1026980) - CVE-2017-6829: global buffer overflow in decodeSample (IMA.cpp) (bsc#1026981) - CVE-2017-6830: heap-based buffer overflow in alaw2linear_buf (G711.cpp) (bsc#1026982) - CVE-2017-6831: heap-based buffer overflow in IMA::decodeBlockWAVE (IMA.cpp) (bsc#1026983) - CVE-2017-6832: heap-based buffer overflow in MSADPCM::decodeBlock (MSADPCM.cpp) (bsc#1026984) - CVE-2017-6833: divide-by-zero in BlockCodec::runPull (BlockCodec.cpp) (bsc#1026985) - CVE-2017-6834: heap-based buffer overflow in ulaw2linear_buf (G711.cpp) (bsc#1026986) - CVE-2017-6835: divide-by-zero in BlockCodec::reset1 (BlockCodec.cpp) (bsc#1026988) - CVE-2017-6836: heap-based buffer overflow in Expand3To4Module::run (SimpleModule.h) (bsc#1026987) - CVE-2017-6837, CVE-2017-6838, CVE-2017-6839: multiple ubsan crashes (bsc#1026978) This update was imported from the SUSE:SLE-12:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-04/msg00064.html E-Mail link for openSUSE-SU-2017:1038-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 openSUSE Leap 42.2 audiofile-0.3.6-10.3.1 audiofile-devel-0.3.6-10.3.1 audiofile-devel-32bit-0.3.6-10.3.1 audiofile-doc-0.3.6-10.3.1 libaudiofile1-0.3.6-10.3.1 libaudiofile1-32bit-0.3.6-10.3.1 audiofile-0.3.6-10.3.1 as a component of openSUSE Leap 42.1 audiofile-devel-0.3.6-10.3.1 as a component of openSUSE Leap 42.1 audiofile-devel-32bit-0.3.6-10.3.1 as a component of openSUSE Leap 42.1 audiofile-doc-0.3.6-10.3.1 as a component of openSUSE Leap 42.1 libaudiofile1-0.3.6-10.3.1 as a component of openSUSE Leap 42.1 libaudiofile1-32bit-0.3.6-10.3.1 as a component of openSUSE Leap 42.1 audiofile-0.3.6-10.3.1 as a component of openSUSE Leap 42.2 audiofile-devel-0.3.6-10.3.1 as a component of openSUSE Leap 42.2 audiofile-devel-32bit-0.3.6-10.3.1 as a component of openSUSE Leap 42.2 audiofile-doc-0.3.6-10.3.1 as a component of openSUSE Leap 42.2 libaudiofile1-0.3.6-10.3.1 as a component of openSUSE Leap 42.2 libaudiofile1-32bit-0.3.6-10.3.1 as a component of openSUSE Leap 42.2 Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted audio file. CVE-2017-6827 openSUSE Leap 42.1:audiofile-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-32bit-0.3.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00064.html https://www.suse.com/security/cve/CVE-2017-6827.html CVE-2017-6827 https://bugzilla.suse.com/1026979 SUSE Bug 1026979 Heap-based buffer overflow in the readValue function in FileHandle.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted WAV file. CVE-2017-6828 openSUSE Leap 42.1:audiofile-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-32bit-0.3.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00064.html https://www.suse.com/security/cve/CVE-2017-6828.html CVE-2017-6828 https://bugzilla.suse.com/1026980 SUSE Bug 1026980 The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. CVE-2017-6829 openSUSE Leap 42.1:audiofile-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-32bit-0.3.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00064.html https://www.suse.com/security/cve/CVE-2017-6829.html CVE-2017-6829 https://bugzilla.suse.com/1026981 SUSE Bug 1026981 Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. CVE-2017-6830 openSUSE Leap 42.1:audiofile-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-32bit-0.3.6-10.3.1 low Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00064.html https://www.suse.com/security/cve/CVE-2017-6830.html CVE-2017-6830 https://bugzilla.suse.com/1026982 SUSE Bug 1026982 Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file. CVE-2017-6831 openSUSE Leap 42.1:audiofile-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-32bit-0.3.6-10.3.1 low Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00064.html https://www.suse.com/security/cve/CVE-2017-6831.html CVE-2017-6831 https://bugzilla.suse.com/1026983 SUSE Bug 1026983 Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file. CVE-2017-6832 openSUSE Leap 42.1:audiofile-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-32bit-0.3.6-10.3.1 low Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00064.html https://www.suse.com/security/cve/CVE-2017-6832.html CVE-2017-6832 https://bugzilla.suse.com/1026984 SUSE Bug 1026984 The runPull function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file. CVE-2017-6833 openSUSE Leap 42.1:audiofile-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-32bit-0.3.6-10.3.1 low Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00064.html https://www.suse.com/security/cve/CVE-2017-6833.html CVE-2017-6833 https://bugzilla.suse.com/1026985 SUSE Bug 1026985 Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file. CVE-2017-6834 openSUSE Leap 42.1:audiofile-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-32bit-0.3.6-10.3.1 low Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00064.html https://www.suse.com/security/cve/CVE-2017-6834.html CVE-2017-6834 https://bugzilla.suse.com/1026986 SUSE Bug 1026986 The reset1 function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file. CVE-2017-6835 openSUSE Leap 42.1:audiofile-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-32bit-0.3.6-10.3.1 low Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00064.html https://www.suse.com/security/cve/CVE-2017-6835.html CVE-2017-6835 https://bugzilla.suse.com/1026988 SUSE Bug 1026988 Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 allows remote attackers to cause a denial of service (crash) via a crafted file. CVE-2017-6836 openSUSE Leap 42.1:audiofile-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-32bit-0.3.6-10.3.1 low Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00064.html https://www.suse.com/security/cve/CVE-2017-6836.html CVE-2017-6836 https://bugzilla.suse.com/1026987 SUSE Bug 1026987 WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via vectors related to a large number of coefficients. CVE-2017-6837 openSUSE Leap 42.1:audiofile-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-32bit-0.3.6-10.3.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00064.html https://www.suse.com/security/cve/CVE-2017-6837.html CVE-2017-6837 https://bugzilla.suse.com/1026978 SUSE Bug 1026978 Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. CVE-2017-6838 openSUSE Leap 42.1:audiofile-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-32bit-0.3.6-10.3.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00064.html https://www.suse.com/security/cve/CVE-2017-6838.html CVE-2017-6838 https://bugzilla.suse.com/1026978 SUSE Bug 1026978 Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file. CVE-2017-6839 openSUSE Leap 42.1:audiofile-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.1:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.1:libaudiofile1-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-devel-32bit-0.3.6-10.3.1 openSUSE Leap 42.2:audiofile-doc-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-0.3.6-10.3.1 openSUSE Leap 42.2:libaudiofile1-32bit-0.3.6-10.3.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00064.html https://www.suse.com/security/cve/CVE-2017-6839.html CVE-2017-6839 https://bugzilla.suse.com/1026978 SUSE Bug 1026978