ELSA-2025-23457

ELSA-2025-23457 - audiofile security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2026-01-05

Description

[1:0.3.6-9.0.1]
- Fix null pointer dereference [CVE-2025-50950][Orabug: 38777980]

[1:0.3.6-9]
- Apply security patches. CVE-2018-17095, CVE-2018-13440
- Resolves: rhbz#1600369, rhbz#1601014, rhbz#1637128

[1:0.3.6-8]
- Escape macros in %changelog

[1:0.3.6-7]
- Merge upstream pull requests #42,#43,#44 from Agostino Sarubbo to fix
security issues. CVE-2017-6827, CVE-2017-6828,
CVE-2017-6829, CVE-2017-6830, CVE-2017-6831,
CVE-2017-6832, CVE-2017-6833, CVE-2017-6834, CVE-2017-6835,
CVE-2017-6836, CVE-2017-6837, CVE-2017-6838, CVE-2017-6839

[1:0.3.6-6]
- patch to compile with GCC 6

[1:0.3.6-5]
- Merge fix from upstream pull request #25 for CVE-2015-7747.
Test conversion from e.g. 16-bit LE stereo to 8-bit LE mono
no longer causes corruption.

[1:0.3.6-4]
- Mass rebuild 2014-01-24

[1:0.3.6-3]
- Mass rebuild 2013-12-27

[0.3.6-1]
- audiofile 0.3.6

[0.3.5-1]
- audiofile 0.3.5

Related CVEs

CVE-2025-50950

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 7 (x86_64)	audiofile-0.3.6-9.0.1.el7.src.rpm	9701bc373ed7e994419f2ce2ea5687aabc93b4ec8cf1bf4781754842d6402d41	-	ol7_x86_64_latest_ELS
	audiofile-0.3.6-9.0.1.el7.i686.rpm	0299344106177e8cdfd31df2723e28a6967a934501e02daa6b273363bb06b155	-	ol7_x86_64_latest_ELS
	audiofile-0.3.6-9.0.1.el7.x86_64.rpm	ec51a971200195018a01bcb63cbfb92b01725a7d204eea42442bcf26ffbfb4bf	-	ol7_x86_64_latest_ELS
	audiofile-devel-0.3.6-9.0.1.el7.i686.rpm	350734ecdb1bacf9b62bbd8adc94c1e9de5f6d69db0efd65cd1241f32e324323	-	ol7_x86_64_latest_ELS
	audiofile-devel-0.3.6-9.0.1.el7.x86_64.rpm	859f1211e58f2d0077ded3f1165371d8dcd8305f5eacb8035f8d8b484056eecd	-	ol7_x86_64_latest_ELS

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team