SUSE-SU-2023:4330-1

UNKNOWN

Security update for libsndfile

Published Nov 1, 2023

Modified 2 years ago

Fix available

Details

This update for libsndfile fixes the following issues:

CVE-2022-33065: Fixed an integer overflow that could cause memory safety issues when reading a MAT4 file (bsc#1213451).

Affected Packages

libsndfile

SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

Fixed in:

1.0.28-150000.5.20.1

libsndfile-devel

Fixed in:

1.0.28-150000.5.20.1

libsndfile1

Fixed in:

1.0.28-150000.5.20.1

libsndfile1-32bit

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise Module for Package Hub 15 SP4SUSE Linux Enterprise Module for Package Hub 15 SP5SUSE Linux Enterprise Server 15 SP1-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP1

Fixed in:

1.0.28-150000.5.20.1

libsndfile-progs

openSUSE Leap 15.4openSUSE Leap 15.5

Fixed in:

1.0.28-150000.5.20.1

References

REPORT

https://bugzilla.suse.com/1213451

WEB

https://www.suse.com/security/cve/CVE-2022-33065

ADVISORY