Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2020.3361
audiofile security update
30 September 2020
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: audiofile
Publisher: Red Hat
Operating System: Red Hat
Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction
Denial of Service -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2018-17095 CVE-2018-13440
Reference: ESB-2018.3264
Original Bulletin:
https://access.redhat.com/errata/RHSA-2020:3877
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: audiofile security update
Advisory ID: RHSA-2020:3877-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:3877
Issue date: 2020-09-29
CVE Names: CVE-2018-13440 CVE-2018-17095
=====================================================================
1. Summary:
An update for audiofile is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
The Audio File library is an implementation of the Audio File Library from
SGI, which provides an API for accessing audio file formats like
AIFF/AIFF-C, WAVE, and NeXT/Sun .snd/.au files.
Security Fix(es):
* audiofile: Heap-based buffer overflow in Expand3To4Module::run() when
running sfconvert (CVE-2018-17095)
* audiofile: NULL pointer dereference in ModuleState::setup() in
modules/ModuleState.cpp allows for denial of service via crafted file
(CVE-2018-13440)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.9 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1600367 - CVE-2018-13440 audiofile: NULL pointer dereference in ModuleState::setup() in modules/ModuleState.cpp allows for denial of service via crafted file
1631088 - CVE-2018-17095 audiofile: Heap-based buffer overflow in Expand3To4Module::run() when running sfconvert
6. Package List:
Red Hat Enterprise Linux Client Optional (v. 7):
Source:
audiofile-0.3.6-9.el7.src.rpm
x86_64:
audiofile-0.3.6-9.el7.i686.rpm
audiofile-0.3.6-9.el7.x86_64.rpm
audiofile-debuginfo-0.3.6-9.el7.i686.rpm
audiofile-debuginfo-0.3.6-9.el7.x86_64.rpm
audiofile-devel-0.3.6-9.el7.i686.rpm
audiofile-devel-0.3.6-9.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
Source:
audiofile-0.3.6-9.el7.src.rpm
x86_64:
audiofile-0.3.6-9.el7.i686.rpm
audiofile-0.3.6-9.el7.x86_64.rpm
audiofile-debuginfo-0.3.6-9.el7.i686.rpm
audiofile-debuginfo-0.3.6-9.el7.x86_64.rpm
audiofile-devel-0.3.6-9.el7.i686.rpm
audiofile-devel-0.3.6-9.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
Source:
audiofile-0.3.6-9.el7.src.rpm
ppc64:
audiofile-0.3.6-9.el7.ppc.rpm
audiofile-0.3.6-9.el7.ppc64.rpm
audiofile-debuginfo-0.3.6-9.el7.ppc.rpm
audiofile-debuginfo-0.3.6-9.el7.ppc64.rpm
audiofile-devel-0.3.6-9.el7.ppc.rpm
audiofile-devel-0.3.6-9.el7.ppc64.rpm
ppc64le:
audiofile-0.3.6-9.el7.ppc64le.rpm
audiofile-debuginfo-0.3.6-9.el7.ppc64le.rpm
audiofile-devel-0.3.6-9.el7.ppc64le.rpm
s390x:
audiofile-0.3.6-9.el7.s390.rpm
audiofile-0.3.6-9.el7.s390x.rpm
audiofile-debuginfo-0.3.6-9.el7.s390.rpm
audiofile-debuginfo-0.3.6-9.el7.s390x.rpm
audiofile-devel-0.3.6-9.el7.s390.rpm
audiofile-devel-0.3.6-9.el7.s390x.rpm
x86_64:
audiofile-0.3.6-9.el7.i686.rpm
audiofile-0.3.6-9.el7.x86_64.rpm
audiofile-debuginfo-0.3.6-9.el7.i686.rpm
audiofile-debuginfo-0.3.6-9.el7.x86_64.rpm
audiofile-devel-0.3.6-9.el7.i686.rpm
audiofile-devel-0.3.6-9.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
Source:
audiofile-0.3.6-9.el7.src.rpm
x86_64:
audiofile-0.3.6-9.el7.i686.rpm
audiofile-0.3.6-9.el7.x86_64.rpm
audiofile-debuginfo-0.3.6-9.el7.i686.rpm
audiofile-debuginfo-0.3.6-9.el7.x86_64.rpm
audiofile-devel-0.3.6-9.el7.i686.rpm
audiofile-devel-0.3.6-9.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2018-13440
https://access.redhat.com/security/cve/CVE-2018-17095
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBX3Oj5dzjgjWX9erEAQhOQw/8CdpewpI2SuY92gDJVMUvf/Bi/l/mkzk4
EBzlbBGO8Bvi+JtQnv2g2V/1RpPAz8dXZ1aUt+nmK7TzAe72PcpqCLVU0pSAA5tm
jqJ5ur/8BK/cguEwQjVmOkpgLDPykAijrOrrt+pzh8hyLH4kxA7lz+W5lKpAyH0q
uTfAIHRSs4sSyxaWLtWXcMYFURJnmMGgr0rwUQdumzadxhtSfh18Y0FlzdkprR5R
CK7rYkdcqs5mYiiA/sLv2Ezs/HiMzBjXoQAPu1nwEMSYyJr7x8Wvwu2JaM4zPIEu
5zbiyadydRiEuLjWmM1CZDlTHXJcZD0gSg2xhR046Mf/8z9BsWch9AGDPS1Nrv91
KCaTKcl5X/R+oZXWxATzRFy5gGY4BT1oeycRE8EWAqH1MFdGfFeTetYuxh9LoV03
WfqJWM/WcaAypNwPcHKC4tqqgMaSB8C3UeurL04i52K0+2yKkOvOQk7z1ZiIzSef
zO+tSY5cRgDJ+IVsW/2aPHxBTjdyXdv0hr66wvGE46cRhtCN3ddYHp8E882ZGkS6
P4BTMQBDJWg9BS1v4OgwSVS1Jic9B2xtOUOUL9ur19VIqFYUsq/LTcITYH4ibkA2
PPtI1U2gySOi5mf86ujWHaHUfc9tVytuTZA5tl0AF4DAn6aWth7KE8app+vj2gHT
UECLdnpohxw=
=mNHd
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBX3P0tONLKJtyKPYoAQiTIA/+NreKaRrOLDQvJSjl15R0iI7v6jHPYMHc
O91MZnWsNcOBOMPRX/u1/5sANQ5y5ErKw+vnAXRL5Lht8LsbY2uAvbHWyOR1CT6S
hBWixAMobnJcNtnJDs76WWVNX6jvGZr6rh8ixDXzbyv7+cJcm4ZxWLLBOtnd2w5p
59yIJnadi2ElkIWB7o8XEGiPTIjInKgMUS9XzN841/JgZ0BP6pu2PiqLTrhh1yZf
fAxZWK25yYEe9OT5rC1kNKkWtOCPge7Q8fFk8GIcVmOKxSgyNPthxEQ9dGFgdA76
XW9ccyTt5tktglZi0kl4NJS4HVpm5Q6VOazBe/Itzi7wjlwFVCciNC6RSNO9Q2XV
xOvbDOytg79q9vI3CfnoGkPsg3d77Rn00LCoPgHTk4ZZrDJsBfDP7Xnh2tLbgYzX
Ddw2QL8WP+QOfqIx9wCQ13mmm2FjbVC/uK+sQ7ssoBQVZ7CztdFKFhlq7/v43SRP
2g0sSke/IVJHEWIdLAliztTx7Au4psbtzuTRChFoc7Na2IBkNG4YSp5S28ovhETr
xt92jEy38zjdSqb1UONWI7lmoAHI8OumX0NHrz2MsZ7RYdnhUuv1FmdfQ+HdRs6R
OaFTG9bc6UzkbvWhdOhlpNNu+3vSG/UHyv/3mivkFEJGQ/yzXRTjh2/TyRoknOmN
awvmRumbyzo=
=HIeK
-----END PGP SIGNATURE-----