Описание
Security update for soundtouch
This update for soundtouch fixes the following security issue:
- CVE-2018-1000223: Prevent buffer overflow in WavInFile::readHeaderBlock() that could have resulted in arbitrary code execution when opening maliocius file in soundstretch utility (bsc#1103676)
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15
libSoundTouch0-1.8.0-3.3.1
soundtouch-devel-1.8.0-3.3.1
Ссылки
- Link for SUSE-SU-2018:3068-1
- E-Mail link for SUSE-SU-2018:3068-1
- SUSE Security Ratings
- SUSE Bug 1103676
- SUSE CVE CVE-2018-1000223 page
Описание
soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15:libSoundTouch0-1.8.0-3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15:soundtouch-devel-1.8.0-3.3.1
Ссылки
- CVE-2018-1000223
- SUSE Bug 1103676