ALSA-2021:3253

[ALSA-2021:3253] Important: libsndfile security update

Type:

security

Severity:

important

Release date:

2021-11-12

Description:

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. 

Security Fix(es):

* libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution (CVE-2021-3246)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

CVE-2021-3246

Updated packages listed below:

Architecture	Package	Checksum
i686	libsndfile-1.0.28-10.el8_4.1.i686.rpm	a3f34fa6b1fbcdedc6a71458aad13e977b6daea9e40aea94d723e5cfaefff1a0
i686	libsndfile-devel-1.0.28-10.el8_4.1.i686.rpm	f1df4ddddf0da9017cf1ae85f40d30d977b79be67e87e356495ed7e90af3cf83
x86_64	libsndfile-devel-1.0.28-10.el8_4.1.x86_64.rpm	bfba28389d3443b9ff9381a38c2441360e475d9c846f6a1188ef249186c46ce6
x86_64	libsndfile-1.0.28-10.el8_4.1.x86_64.rpm	c16dcef117a3a396e0040d1e37f9ec3ae46bb3d34dc18b569f43be345832ba25

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.