Описание
Security update for libopenmpt
This update for libopenmpt to version 0.3.19 fixes the following issues:
- CVE-2019-17113: Fixed a buffer overflow in ModPlug_InstrumentName and ModPlug_SampleName (bsc#1153102).
Список пакетов
Container containers/lmcache-vllm-openai:0
libopenmpt0-0.3.19-2.10.1
Container containers/open-webui:0
libopenmpt0-0.3.19-2.10.1
Container containers/vllm-openai:0
libopenmpt0-0.3.19-2.10.1
Image ai_15_6
libopenmpt0-0.3.19-2.10.1
SUSE Linux Enterprise Module for Desktop Applications 15
libmodplug-devel-0.3.19-2.10.1
libmodplug1-0.3.19-2.10.1
libopenmpt-devel-0.3.19-2.10.1
libopenmpt0-0.3.19-2.10.1
libopenmpt_modplug1-0.3.19-2.10.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
libmodplug-devel-0.3.19-2.10.1
libmodplug1-0.3.19-2.10.1
libopenmpt-devel-0.3.19-2.10.1
libopenmpt0-0.3.19-2.10.1
libopenmpt_modplug1-0.3.19-2.10.1
Ссылки
- Link for SUSE-SU-2019:2622-1
- E-Mail link for SUSE-SU-2019:2622-1
- SUSE Security Ratings
- SUSE Bug 1153102
- SUSE CVE CVE-2019-17113 page
Описание
In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.
Затронутые продукты
Container containers/lmcache-vllm-openai:0:libopenmpt0-0.3.19-2.10.1
Container containers/open-webui:0:libopenmpt0-0.3.19-2.10.1
Container containers/vllm-openai:0:libopenmpt0-0.3.19-2.10.1
Image ai_15_6:libopenmpt0-0.3.19-2.10.1
Ссылки
- CVE-2019-17113
- SUSE Bug 1153102