GNU bug report logs - #49817
[PATCH] gnu: libsndfile: Update to 1.1.0beta1 [fixes CVE-2021-3246].

Previous Next

Package: guix-patches;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Sun, 1 Aug 2021 22:33:01 UTC

Severity: normal

Tags: patch, security

Done: Andreas Enge <andreas <at> enge.fr>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Leo Famulari <leo <at> famulari.name>
To: Andreas Enge <andreas <at> enge.fr>
Cc: guix-devel <at> gnu.org, 49817 <at> debbugs.gnu.org, Felix Lechner <felix.lechner <at> lease-up.com>
Subject: [bug#49817] [core-updates] It would be nice to fix libsndfile CVE-2021-3246 (arbitrary code execution via crafted WAV file)
Date: Wed, 5 Apr 2023 11:54:13 -0400

On Wed, Apr 05, 2023 at 10:46:05AM +0200, Andreas Enge wrote:
> Well, an update causes a lot of rebuilds anyway. The NEWS of 1.2.0 look
> like it is in fact only a bugfix release, so I took the risk to update to
> this latest version. pulseaudio still compiles, and pavucontrol still works
> on my machine.
> 
> The update is pushed to core-updates, but I would suggest to keep the bug
> open until it is merged to master.

Thank you Andreas!

This bug report was last modified 2 years and 82 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #49817 [PATCH] gnu: libsndfile: Update to 1.1.0beta1 [fixes CVE-2021-3246].

GNU bug report logs - #49817
[PATCH] gnu: libsndfile: Update to 1.1.0beta1 [fixes CVE-2021-3246].