Package: soundtouch / 1.9.2-2+deb9u1
Patch seriesview the series file
|cve 2017 92xx.patch | (download)||
7 6 + 1 - 0 !
fix cve-2017-9258, cve-2017-9259, cve-2017-9260 Based on an upstream commit, original commit message was: "Added sanity checks against illegal input audio stream parameters e.g. wildly excessive samplerate". . There is no reference to CVEs or bugs, the commit was made after disclosure of the CVEs and all three proofs of concept (crafted wav files) fail after this commit. . The commit was made after version 2.0.0, so that version is also vulnerable. . Unrelated changes were stripped away by patch author, upstream commit author is Olli Parviainen <firstname.lastname@example.org>.