• oggenc: fix large alloca on bad AIFF input (CVE-2015-6749)

How to install

sudo dnf upgrade --advisory=FEDORA-2015-14664

This update has been submitted for testing by kdudka.

5 years ago

This update has been pushed to testing

5 years ago
User Icon pbrobinson commented & provided feedback 5 years ago
karma

Seems OK

BZ#1258424 vorbis-tools: Bufer overflow in aiff_open function
BZ#1258443 CVE-2015-6749 vorbis-tools: invalid AIFF file causes alloca() buffer overflow
BZ#1258444 CVE-2015-6749 vorbis-tools: invalid AIFF file causes alloca() buffer overflow [fedora-all]
BZ#1258427 vorbis-tools: Bufer overflow in aiff_open function [fedora-all]
User Icon chr77 commented & provided feedback 5 years ago
karma

Works for me

This update has been submitted for stable by bodhi.

5 years ago
User Icon kuosmanen commented & provided feedback 5 years ago
karma

no problems spotted

User Icon kdudka commented & provided feedback 5 years ago

Thanks for the feedback!

This update has been pushed to stable

5 years ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
5 years ago
in testing
5 years ago
in stable
5 years ago
BZ#1258424 vorbis-tools: Bufer overflow in aiff_open function
0
1
BZ#1258427 vorbis-tools: Bufer overflow in aiff_open function [fedora-all]
0
1
BZ#1258443 CVE-2015-6749 vorbis-tools: invalid AIFF file causes alloca() buffer overflow
0
1
BZ#1258444 CVE-2015-6749 vorbis-tools: invalid AIFF file causes alloca() buffer overflow [fedora-all]
0
1

Automated Test Results