FEDORA-2018-41626fa774

security update in Fedora 28 for audiofile

Status: testing 6 days ago

Fixes for CVE-2018-13440 and CVE-2018-17095.

Comments 2

This update has been submitted for testing by limb.

This update has been pushed to testing.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1600368 CVE-2018-13440 audiofile: NULL pointer dereference in modules/ModuleState.cpp:ModuleState::setup() allows for denial of service via crafted file [fedora-all]
#1631089 CVE-2018-17095 audiofile: Heap-based buffer overflow in Expand3To4Module::run when running sfconvert [fedora-all]
Content Type
RPM
Status
testing
Test Gating
Submitted by
Update Type
security
Update Severity
low
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 8 days ago
in testing 6 days ago
days to stable 1

Related Bugs 2

00 #1600368 CVE-2018-13440 audiofile: NULL pointer dereference in modules/ModuleState.cpp:ModuleState::setup() allows for denial of service via crafted file [fedora-all]
00 #1631089 CVE-2018-17095 audiofile: Heap-based buffer overflow in Expand3To4Module::run when running sfconvert [fedora-all]

Automated Test Results