audiofile-0.3.6-9.5 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10267-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z audiofile-0.3.6-9.5 on GA media These are all security issues fixed in the audiofile-0.3.6-9.5 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10267 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2015-7747/ SUSE CVE CVE-2015-7747 page openSUSE Tumbleweed audiofile-0.3.6-9.5 audiofile-devel-0.3.6-9.5 audiofile-devel-32bit-0.3.6-9.5 audiofile-doc-0.3.6-9.5 libaudiofile1-0.3.6-9.5 libaudiofile1-32bit-0.3.6-9.5 audiofile-0.3.6-9.5 as a component of openSUSE Tumbleweed audiofile-devel-0.3.6-9.5 as a component of openSUSE Tumbleweed audiofile-devel-32bit-0.3.6-9.5 as a component of openSUSE Tumbleweed audiofile-doc-0.3.6-9.5 as a component of openSUSE Tumbleweed libaudiofile1-0.3.6-9.5 as a component of openSUSE Tumbleweed libaudiofile1-32bit-0.3.6-9.5 as a component of openSUSE Tumbleweed Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c. CVE-2015-7747 openSUSE Tumbleweed:audiofile-0.3.6-9.5 openSUSE Tumbleweed:audiofile-devel-0.3.6-9.5 openSUSE Tumbleweed:audiofile-devel-32bit-0.3.6-9.5 openSUSE Tumbleweed:audiofile-doc-0.3.6-9.5 openSUSE Tumbleweed:libaudiofile1-0.3.6-9.5 openSUSE Tumbleweed:libaudiofile1-32bit-0.3.6-9.5 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-7747.html CVE-2015-7747 https://bugzilla.suse.com/949399 SUSE Bug 949399