November 15, 2009, 10:30 pm
527109 - libsndfile 1.0.17 too old
488361 - CVE-2009-0186 libsndfile: overflows may lead to execution of arbitrary code
502657 - CVE-2009-1788 libsndfile VOC file heap based buffer overflow
502658 - CVE-2009-1791 libsndfile AIFF file heap based buffer overflow
Version 1.0.20 (2009-03-14) * Fix potential heap overflow in VOC file parser (Tobias Klein, http://www.trapkit.de/). Version 1.0.19 (2009-03-02) * Fix for CVE-2009-0186 (Alin Rad Pop, Secunia Research). * Huge number of minor bug fixes as a result of static analysis. Version 1.0.18 (2009-02-07) * Add Ogg/Vorbis support (thanks to John ffitch). * Remove captive FLAC library. * Many new features and bug fixes...