Debian Security Advisory 1442-1 - Robert Buchholz discovered that libsndfile, a library for reading / writing audio files, performs insufficient boundary checks when processing FLAC files, which might lead to the execution of arbitrary code.
62cfe9ae74d16a5aab70897bf8b2abb6d67747b06cb8f5bd3fba49913d6e685e
Gentoo Linux Security Advisory GLSA 200710-04 - Robert Buchholz of the Gentoo Security team discovered that the flac_buffer_copy() function does not correctly handle FLAC streams with variable block sizes, which leads to a heap-based buffer overflow. Versions less than 1.0.17-r1 are affected.
cb6be2c374e0dbf08552c7a74d4275119375285f4d3baeb02a4840bc3cb7b298
Ubuntu Security Notice 525-1 - Robert Buchholz discovered that libsndfile did not correctly validate the size of its memory buffers. If a user were tricked into playing a specially crafted FLAC file, a remote attacker could execute arbitrary code with user privileges.
2c6937c22bf119a9f249ebc4002d970ce18187beb7c8a17fa0fb05e51d69fb5e
Mandriva Linux Security Advisory - A heap-based buffer overflow in libsndfile could allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data which contains a block with a size exceeding that of the previous block.
dfcba1e41c3ffc317dd2921f2f209a9e2b9b47ea0949dc7a17a41bccd84f2d16