Red Hat Product Errata RHSA-2020:1185 - Security Advisory

Issued:: 2020-03-31
Updated:: 2020-03-31

RHSA-2020:1185 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: libsndfile security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libsndfile is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV.

Security Fix(es):

libsndfile: stack-based buffer overflow in sndfile-deinterleave utility (CVE-2018-13139)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

BZ - 1598480 - CVE-2018-13139 libsndfile: stack-based buffer overflow in sndfile-deinterleave utility

CVEs

CVE-2018-13139

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
libsndfile-1.0.25-11.el7.src.rpm	SHA-256: 4df8401c007cbf2df21efe9bd82862f23d226098f2ab4a8e3c543405dee53a49
x86_64
libsndfile-1.0.25-11.el7.i686.rpm	SHA-256: 84185b6f5a77e9381f84b34080dbcd42bef8ce529cffc1b413ab6e2fd996491f
libsndfile-1.0.25-11.el7.x86_64.rpm	SHA-256: 6a09933dca1bed77bb0c403b8a59e1aea3d7ae9d40c7ce98b58ccad21d86dd54
libsndfile-debuginfo-1.0.25-11.el7.i686.rpm	SHA-256: 415ea92ce776bbc68608591748534aa29701058c98d9eea0da22084683e9ab94
libsndfile-debuginfo-1.0.25-11.el7.i686.rpm	SHA-256: 415ea92ce776bbc68608591748534aa29701058c98d9eea0da22084683e9ab94
libsndfile-debuginfo-1.0.25-11.el7.x86_64.rpm	SHA-256: 392f081e05d39eee0e31bb6d32d3f287536e7749927760ac4fe21d86a05c6361
libsndfile-debuginfo-1.0.25-11.el7.x86_64.rpm	SHA-256: 392f081e05d39eee0e31bb6d32d3f287536e7749927760ac4fe21d86a05c6361
libsndfile-devel-1.0.25-11.el7.i686.rpm	SHA-256: 73f459c50a47f40f3b482a3c929203f17098d1f6a3cf241f69e162540ae341bf
libsndfile-devel-1.0.25-11.el7.x86_64.rpm	SHA-256: f8838809fbc4b2bfbcbf28153cacaf42963307e848ab7ea95a983b1c6a46caa9
libsndfile-utils-1.0.25-11.el7.x86_64.rpm	SHA-256: 10509ddbf893de2081e559b9d0a658ff70eb6d5a8190e6ad9e457d5a09e40878

Red Hat Enterprise Linux Workstation 7

SRPM
libsndfile-1.0.25-11.el7.src.rpm	SHA-256: 4df8401c007cbf2df21efe9bd82862f23d226098f2ab4a8e3c543405dee53a49
x86_64
libsndfile-1.0.25-11.el7.i686.rpm	SHA-256: 84185b6f5a77e9381f84b34080dbcd42bef8ce529cffc1b413ab6e2fd996491f
libsndfile-1.0.25-11.el7.x86_64.rpm	SHA-256: 6a09933dca1bed77bb0c403b8a59e1aea3d7ae9d40c7ce98b58ccad21d86dd54
libsndfile-debuginfo-1.0.25-11.el7.i686.rpm	SHA-256: 415ea92ce776bbc68608591748534aa29701058c98d9eea0da22084683e9ab94
libsndfile-debuginfo-1.0.25-11.el7.i686.rpm	SHA-256: 415ea92ce776bbc68608591748534aa29701058c98d9eea0da22084683e9ab94
libsndfile-debuginfo-1.0.25-11.el7.x86_64.rpm	SHA-256: 392f081e05d39eee0e31bb6d32d3f287536e7749927760ac4fe21d86a05c6361
libsndfile-debuginfo-1.0.25-11.el7.x86_64.rpm	SHA-256: 392f081e05d39eee0e31bb6d32d3f287536e7749927760ac4fe21d86a05c6361
libsndfile-devel-1.0.25-11.el7.i686.rpm	SHA-256: 73f459c50a47f40f3b482a3c929203f17098d1f6a3cf241f69e162540ae341bf
libsndfile-devel-1.0.25-11.el7.x86_64.rpm	SHA-256: f8838809fbc4b2bfbcbf28153cacaf42963307e848ab7ea95a983b1c6a46caa9
libsndfile-utils-1.0.25-11.el7.x86_64.rpm	SHA-256: 10509ddbf893de2081e559b9d0a658ff70eb6d5a8190e6ad9e457d5a09e40878

Red Hat Enterprise Linux Desktop 7

SRPM
libsndfile-1.0.25-11.el7.src.rpm	SHA-256: 4df8401c007cbf2df21efe9bd82862f23d226098f2ab4a8e3c543405dee53a49
x86_64
libsndfile-1.0.25-11.el7.i686.rpm	SHA-256: 84185b6f5a77e9381f84b34080dbcd42bef8ce529cffc1b413ab6e2fd996491f
libsndfile-1.0.25-11.el7.x86_64.rpm	SHA-256: 6a09933dca1bed77bb0c403b8a59e1aea3d7ae9d40c7ce98b58ccad21d86dd54
libsndfile-debuginfo-1.0.25-11.el7.i686.rpm	SHA-256: 415ea92ce776bbc68608591748534aa29701058c98d9eea0da22084683e9ab94
libsndfile-debuginfo-1.0.25-11.el7.i686.rpm	SHA-256: 415ea92ce776bbc68608591748534aa29701058c98d9eea0da22084683e9ab94
libsndfile-debuginfo-1.0.25-11.el7.x86_64.rpm	SHA-256: 392f081e05d39eee0e31bb6d32d3f287536e7749927760ac4fe21d86a05c6361
libsndfile-debuginfo-1.0.25-11.el7.x86_64.rpm	SHA-256: 392f081e05d39eee0e31bb6d32d3f287536e7749927760ac4fe21d86a05c6361
libsndfile-devel-1.0.25-11.el7.i686.rpm	SHA-256: 73f459c50a47f40f3b482a3c929203f17098d1f6a3cf241f69e162540ae341bf
libsndfile-devel-1.0.25-11.el7.x86_64.rpm	SHA-256: f8838809fbc4b2bfbcbf28153cacaf42963307e848ab7ea95a983b1c6a46caa9
libsndfile-utils-1.0.25-11.el7.x86_64.rpm	SHA-256: 10509ddbf893de2081e559b9d0a658ff70eb6d5a8190e6ad9e457d5a09e40878

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
libsndfile-1.0.25-11.el7.src.rpm	SHA-256: 4df8401c007cbf2df21efe9bd82862f23d226098f2ab4a8e3c543405dee53a49
s390x
libsndfile-1.0.25-11.el7.s390.rpm	SHA-256: b5c8c76405e3e1a153f0742b9fca73bbc5f67e1e5864bb6f0c5368d31f23929e
libsndfile-1.0.25-11.el7.s390x.rpm	SHA-256: 80a8dbd26eb9c82134895f2d7a51db96e2d2bc9bc0a4f8e385c422c50efa3eab
libsndfile-debuginfo-1.0.25-11.el7.s390.rpm	SHA-256: 95984369582d63c0d211acae55df607cb6ffc50aa1c5010356daef7d485e1ddf
libsndfile-debuginfo-1.0.25-11.el7.s390.rpm	SHA-256: 95984369582d63c0d211acae55df607cb6ffc50aa1c5010356daef7d485e1ddf
libsndfile-debuginfo-1.0.25-11.el7.s390x.rpm	SHA-256: 6fb64a78c4c1e4dd7bd91ae929e485ceec6acf7a3bb1d96464177e23127b4103
libsndfile-debuginfo-1.0.25-11.el7.s390x.rpm	SHA-256: 6fb64a78c4c1e4dd7bd91ae929e485ceec6acf7a3bb1d96464177e23127b4103
libsndfile-devel-1.0.25-11.el7.s390.rpm	SHA-256: edb75361f98a7a357558191776b6978847f0b02019e15c5aefe4822b8ced787f
libsndfile-devel-1.0.25-11.el7.s390x.rpm	SHA-256: 10e930bc02501a577855402b107c42086998b1c03c3d59ccb00a7ba75cace945
libsndfile-utils-1.0.25-11.el7.s390x.rpm	SHA-256: 1367ba9a1fc83cdca540bff5ab914ebd610a7f1c49bbfd2789d1aaeb2c8639f4

Red Hat Enterprise Linux for Power, big endian 7

SRPM
libsndfile-1.0.25-11.el7.src.rpm	SHA-256: 4df8401c007cbf2df21efe9bd82862f23d226098f2ab4a8e3c543405dee53a49
ppc64
libsndfile-1.0.25-11.el7.ppc.rpm	SHA-256: db65ccffcd8aac88c192d3663ddeae11cb7d8bb155b2ece5db694130801533fd
libsndfile-1.0.25-11.el7.ppc64.rpm	SHA-256: 54b215115533ecad693fbbc2e3b5e354277453ffb8fff7ed4821b8ac3943e34f
libsndfile-debuginfo-1.0.25-11.el7.ppc.rpm	SHA-256: c28f27584e3232a0a0d37137e0b84ff2fcb056ca1e608ad39594dd40d515d162
libsndfile-debuginfo-1.0.25-11.el7.ppc.rpm	SHA-256: c28f27584e3232a0a0d37137e0b84ff2fcb056ca1e608ad39594dd40d515d162
libsndfile-debuginfo-1.0.25-11.el7.ppc64.rpm	SHA-256: 947e751b9ba02c65b72ff2841d83c1be28afb287e5ef18d838457df952ca6b5f
libsndfile-debuginfo-1.0.25-11.el7.ppc64.rpm	SHA-256: 947e751b9ba02c65b72ff2841d83c1be28afb287e5ef18d838457df952ca6b5f
libsndfile-devel-1.0.25-11.el7.ppc.rpm	SHA-256: c7da59e148344f56423a54b5dbc7b3f5aeca8e1263ff775e1523be9933d16506
libsndfile-devel-1.0.25-11.el7.ppc64.rpm	SHA-256: 9eca00a73f2605508ec5e75e85d85bf3086696c71891a89b69d4f91eec0b7d66
libsndfile-utils-1.0.25-11.el7.ppc64.rpm	SHA-256: f3354da748af1fe6800ea5381a070f87cacbf4d9039d1421c23c37db213d3cb9

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
libsndfile-1.0.25-11.el7.src.rpm	SHA-256: 4df8401c007cbf2df21efe9bd82862f23d226098f2ab4a8e3c543405dee53a49
x86_64
libsndfile-1.0.25-11.el7.i686.rpm	SHA-256: 84185b6f5a77e9381f84b34080dbcd42bef8ce529cffc1b413ab6e2fd996491f
libsndfile-1.0.25-11.el7.x86_64.rpm	SHA-256: 6a09933dca1bed77bb0c403b8a59e1aea3d7ae9d40c7ce98b58ccad21d86dd54
libsndfile-debuginfo-1.0.25-11.el7.i686.rpm	SHA-256: 415ea92ce776bbc68608591748534aa29701058c98d9eea0da22084683e9ab94
libsndfile-debuginfo-1.0.25-11.el7.i686.rpm	SHA-256: 415ea92ce776bbc68608591748534aa29701058c98d9eea0da22084683e9ab94
libsndfile-debuginfo-1.0.25-11.el7.x86_64.rpm	SHA-256: 392f081e05d39eee0e31bb6d32d3f287536e7749927760ac4fe21d86a05c6361
libsndfile-debuginfo-1.0.25-11.el7.x86_64.rpm	SHA-256: 392f081e05d39eee0e31bb6d32d3f287536e7749927760ac4fe21d86a05c6361
libsndfile-devel-1.0.25-11.el7.i686.rpm	SHA-256: 73f459c50a47f40f3b482a3c929203f17098d1f6a3cf241f69e162540ae341bf
libsndfile-devel-1.0.25-11.el7.x86_64.rpm	SHA-256: f8838809fbc4b2bfbcbf28153cacaf42963307e848ab7ea95a983b1c6a46caa9
libsndfile-utils-1.0.25-11.el7.x86_64.rpm	SHA-256: 10509ddbf893de2081e559b9d0a658ff70eb6d5a8190e6ad9e457d5a09e40878

Red Hat Enterprise Linux for Power, little endian 7

SRPM
libsndfile-1.0.25-11.el7.src.rpm	SHA-256: 4df8401c007cbf2df21efe9bd82862f23d226098f2ab4a8e3c543405dee53a49
ppc64le
libsndfile-1.0.25-11.el7.ppc64le.rpm	SHA-256: 2c4295d85e7b50a46b5fce83d943e814f340dad0b7cc72abe25d15cf27f477cf
libsndfile-debuginfo-1.0.25-11.el7.ppc64le.rpm	SHA-256: 458188a95438ac588009efdde3a8f6caafee050d244d29b235187029a22f31fa
libsndfile-debuginfo-1.0.25-11.el7.ppc64le.rpm	SHA-256: 458188a95438ac588009efdde3a8f6caafee050d244d29b235187029a22f31fa
libsndfile-devel-1.0.25-11.el7.ppc64le.rpm	SHA-256: aabc691fb2dc972b2ad35fb8b61b093bd3741a42c41be3f0818ffc7b3421eee3
libsndfile-utils-1.0.25-11.el7.ppc64le.rpm	SHA-256: 5d11fc57c45244818550cd3b65e2b5f9011b8b081cb423173f4b313067ba0236

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories