Debian Security Advisory 1742-1 - Alan Rad Pop discovered that libsndfile, a library to read and write sampled audio data, is prone to an integer overflow. This causes a heap-based buffer overflow when processing crafted CAF description chunks possibly leading to arbitrary code execution.
a37ce76a07759aa2c00c1ba6f442f62a8e9d2ce0729a65e12e9c1b573afa3af3