[Buildroot] [git commit] package/libsndfile: add security patch for CVE-2021-3246
Peter Korsgaard
peter at korsgaard.com
Mon Oct 4 21:57:02 UTC 2021
>>>>> "Arnout" == Arnout Vandecappelle (Essensium/Mind) <arnout at mind.be> writes:
> commit: https://git.buildroot.net/buildroot/commit/?id=cb18218ad125c1e4c13010c8ee946057ee07103c
> branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
> A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile
> 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
> https://nvd.nist.gov/vuln/detail/CVE-2021-3246
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout at mind.be>
Committed to 2021.02.x, 2021.05.x and 2021.08.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list