Mageia 2023-0347: audiofile security update
2 patches are added to audiofile source to correct a vulnerability
Summary
2 patches are added to audiofile source to correct a vulnerability.
In Audio File Library (aka audiofile) 0.3.6, there exists one NULL
pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a
that allows an attacker to cause a denial of service via a crafted file.
(CVE-2019-13147)
References
- https://bugs.mageia.org/show_bug.cgi?id=32608
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13147
Resolution
MGASA-2023-0347 - Updated audiofile packages fix a security vulnerability
SRPMS
- 9/core/audiofile-0.3.6-14.mga9
Severity
Publication date: 15 Dec 2023
URL: https://advisories.mageia.org/MGASA-2023-0347.html
Type: security
CVE: CVE-2019-13147
