-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:149
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : libsndfile
Date : March 29, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Updated libsndfile packages fix security vulnerabilities:
libsndfile contains multiple buffer-overflow vulnerabilities in
src/sd2.c because it fails to properly bounds-check user supplied
input, which may allow an attacker to execute arbitrary code or cause
a denial of service (CVE-2014-9496).
libsndfile contains a divide-by-zero error in src/file_io.c which
may allow an attacker to cause a denial of service.
_______________________________________________________________________
References:
http://cve.mitre.org