==========================================================================
Ubuntu Security Notice USN-7267-1
February 13, 2025

libsndfile vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

libsndfile could be made to crash if it opened a specially crafted file.

Software Description:
- libsndfile: Library for reading/writing audio files

Details:

It was discovered that libsndfile incorrectly handled certain malformed
OggVorbis files. An attacker could possibly use this issue to cause
libsndfile to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS
  libsndfile1                     1.0.25-10ubuntu0.16.04.3+esm4
                                  Available with Ubuntu Pro
  sndfile-programs                1.0.25-10ubuntu0.16.04.3+esm4
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7267-1
  CVE-2024-50612