Описание
Security update for taglib
This update for taglib fixes the following issues:
- CVE-2018-11439: The TagLib::Ogg::FLAC::File::scan function allowed remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file (bsc#1096180)
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP1
libtag1-1.11.1-4.3.62
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
libtag-devel-1.11.1-4.3.62
libtag_c0-1.11.1-4.3.62
Ссылки
- Link for SUSE-SU-2019:1374-2
- E-Mail link for SUSE-SU-2019:1374-2
- SUSE Security Ratings
- SUSE Bug 1096180
- SUSE CVE CVE-2018-11439 page
Описание
The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP1:libtag1-1.11.1-4.3.62
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:libtag-devel-1.11.1-4.3.62
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:libtag_c0-1.11.1-4.3.62
Ссылки
- CVE-2018-11439
- SUSE Bug 1096180