HomeSolus
Diffusion lame 8ed3b38bbd6e

Security update for `lame`

Authored by ikey on May 28 2017, 9:59 PM.

Description

Security update for lame

This update addresses CVE-2017-8419 in the lame package:

LAME through 3.99.5 relies on the signed integer data type for values in
a WAV or AIFF header, which allows remote attackers to cause a denial of
service (stack-based buffer overflow or heap-based buffer overflow) or
possibly have unspecified other impact via a crafted file, as demonstrated
by mishandling of num_channels.

Signed-off-by: Ikey Doherty <ikey@solus-project.com>

Details

Committed
ikeyMay 28 2017, 9:59 PM
Pushed
ikeyMay 28 2017, 10:00 PM
Parents
R1599:ed7fcd3353c7: Update abireport
Branches
Unknown
Tags
Unknown
References
tag: lame-3.99.5-6

Event Timeline

For some reason I read this as "Security update is lame"...

*goes back to the cave*

Lmao so did I xD