CVE-2017-14246 log

Source
Severity Medium
Remote No
Type Information disclosure
Description
An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
Group Package Affected Fixed Severity Status Ticket
AVG-1550 lib32-libsndfile 1.0.28-3 1.0.31-1 Medium Fixed FS#57434
AVG-1549 libsndfile 1.0.28-3 1.0.31-1 Medium Fixed FS#57434
References
https://github.com/libsndfile/libsndfile/issues/317
https://github.com/libsndfile/libsndfile/pull/529
https://github.com/libsndfile/libsndfile/commit/2ccb23fe724d1d946b4e0c51b791cc655da6962e