Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-912-1: Audio File Library vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-912-1: Audio File Library vulnerability
# 1  
Old 03-16-2010
USN-912-1: Audio File Library vulnerability
Referenced CVEs:
CVE-2008-5824


Description:
=========================================================== Ubuntu Security Notice USN-912-1 March 16, 2010 audiofile vulnerability CVE-2008-5824 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libaudiofile0 0.2.6-6ubuntu1.1 Ubuntu 8.04 LTS: libaudiofile0 0.2.6-7ubuntu1.8.04.1 Ubuntu 8.10: libaudiofile0 0.2.6-7ubuntu1.8.10.1 Ubuntu 9.04: libaudiofile0 0.2.6-7ubuntu1.9.04.1 Ubuntu 9.10: libaudiofile0 0.2.6-7ubuntu2.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that Audio File Library contained a heap-based buffer overflow. If a user or automated system processed a crafted WAV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. The default compiler options for Ubuntu should reduce this vulnerability to a denial of service.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT SUNOS

audiofile-config

audiofile-config(1)						   User Commands					       audiofile-config(1)

NAME

       audiofile-config - helper script for building with audiofile

SYNOPSIS

       audiofile-config [--version] [--prefix=dir] [--cflags] [--libs] [--exec-prefix=dir]

DESCRIPTION

       The  audiofile-config  tool enables you to specify which compiler and linker flags should be used to compile and link programs that use the
       audiofile library.

OPTIONS

       The following options are supported:

       --version       Print the currently installed version of the library on the standard output.

       --prefix=dir    If specified, use dir instead of the installation prefix that the library was built with, when computing the output for the
		       --cflags and --libs options.  This option must be specified before any --libs or --cflags options. This option is also used
		       for the exec prefix, if the --exec-prefix option is not specified.

       --cflags        Print the compiler flags that are necessary to compile a program using the specified library.

       --libs	       Print the linker flags that are necessary to link with the specified library.

       --exec-prefix=diIf specified, use dir instead of the installation exec prefix that the library was built with, when  computing  the  output
		       for the --cflags and --libs options. This option must be specified before any --libs or --cflags options.

EXAMPLES

       Example 1: Getting the audiofile library version

       example% audiofile-config --version

       Example 2: Determining the libraries required to link with the audiofile library

       example% audiofile-config --libs

EXIT STATUS

       The following exit values are returned:

       0	Application exited successfully

       >0	Application exited with failure

FILES

       The following files are used by this application:

       /usr/bin/audiofile-confiExecutable for audiofile helper script.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWgnome-audio-devel	   |
       +-----------------------------+-----------------------------+
       |Interface stability	     |External			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       pkg-config(1), libaudiofile(3)

NOTES

       This man page was originally written by Chris Waters (xtifr@debian.org) for Debian GNU/Linux. Rewritten by Brian Cameron, Sun Microsystems,
       using information from the orbit2-config(1)  man page, by Dick Porter (dick@acm.org) and Elliot Lee (sopwith@redhat.com)

SunOS 5.10							    7 Jan 2003						       audiofile-config(1)