[USN-7267-1] libsndfile vulnerability

-----BEGIN PGP SIGNATURE-----

wsD5BAABCAAjFiEEcxdv4gCCE8W9nrt5a1+PL+d1/EgFAmeuGjUFAwAAAAAACgkQa1+PL+d1/Ejv
twv/ULR3+trdnnJCaIejSne3JRg3LJnVVCMJccHcPFFgdtvu8N4qQ+9RwCkJds/uinqacrVKsJ3X
CMkCZM4scPx4GKf7Hm9tsIz7+ffrQ30DabEJC/m1e4E7swKrL3jET33Lud1T3kWHoir7e+3XAt4T
kpaLof9miXF7J0DKHNa0bcZVpoqQqPFc4PzifnHjD/FpLUwTsuLraXmKH0C9b9wm6G3t+5qY38v9
kta+v5w1uUsOo5Wr4NJasGy5rI+2JYTHvriVNopDKQBmY2XVCLbvOVs+zJYUBaZAqqr7ENw9RmgM
Kem42sYU5SuSgX6JpxmIWaFakTVs2XGa9xN5deqIB+WqyJErcGwIMvrh4DQfJ3Ot2hObqYpQcvtL
cdPW1fDUCqm9Qs8FFzWJZIFtMMgNTSpDzQzmLTvanpm2BsFdqVRv0ubjuzojjSlQuarVzy9CWYIB
FdzrtjpfMCgkFT7f5Hvsyh2xZ6ban3W+mDoWR1y9fnqu5gR2R2zCSoX8LNPz
=wpZH
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7267-1
February 13, 2025

libsndfile vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

libsndfile could be made to crash if it opened a specially crafted file.

Software Description:
- libsndfile: Library for reading/writing audio files

Details:

It was discovered that libsndfile incorrectly handled certain malformed
OggVorbis files. An attacker could possibly use this issue to cause
libsndfile to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS
  libsndfile1                     1.0.25-10ubuntu0.16.04.3+esm4
                                  Available with Ubuntu Pro
  sndfile-programs                1.0.25-10ubuntu0.16.04.3+esm4
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7267-1
  CVE-2024-50612