SUSE-SU-2020:3933-1

Published: 24 Dec 2020
Source: suse-cvrf

Description

Security update for flac

This update for flac fixes the following issues:

  • CVE-2020-0487: Fixed a memory leak (bsc#1180112).
  • CVE-2020-0499: Fixed an out-of-bounds access (bsc#1180099).

Package list

Container containers/milvus:2.4
libFLAC8-1.3.2-3.6.1
Container containers/open-webui:0
libFLAC8-1.3.2-3.6.1
Container suse/kiosk/firefox-esr:esr
libFLAC8-1.3.2-3.6.1
Container suse/kiosk/firefox-esr:latest
libFLAC8-1.3.2-3.6.1
Container suse/kiosk/pulseaudio:17
libFLAC8-1.3.2-3.6.1
Container suse/kiosk/pulseaudio:latest
libFLAC8-1.3.2-3.6.1
Container suse/kiosk/xorg-client:latest
libFLAC8-1.3.2-3.6.1
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server
libFLAC8-1.3.2-3.6.1
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server
libFLAC8-1.3.2-3.6.1
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server
libFLAC8-1.3.2-3.6.1
Image SLES15-SP4-SAP-Azure-LI-BYOS
libFLAC8-1.3.2-3.6.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
libFLAC8-1.3.2-3.6.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS
libFLAC8-1.3.2-3.6.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
libFLAC8-1.3.2-3.6.1
Image SLES15-SP5-SAP-Azure-LI-BYOS
libFLAC8-1.3.2-3.6.1
Image SLES15-SP5-SAP-Azure-LI-BYOS-Production
libFLAC8-1.3.2-3.6.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS
libFLAC8-1.3.2-3.6.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production
libFLAC8-1.3.2-3.6.1
Image SLES15-SP6-SAP-Azure-LI-BYOS
libFLAC8-1.3.2-3.6.1
Image SLES15-SP6-SAP-Azure-LI-BYOS-Production
libFLAC8-1.3.2-3.6.1
Image SLES15-SP6-SAP-Azure-VLI-BYOS
libFLAC8-1.3.2-3.6.1
Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production
libFLAC8-1.3.2-3.6.1
Image SLES15-SP7-SAP-Azure-LI-BYOS-Production
libFLAC8-1.3.2-3.6.1
Image SLES15-SP7-SAP-Azure-VLI-BYOS-Production
libFLAC8-1.3.2-3.6.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
flac-devel-1.3.2-3.6.1
libFLAC++6-1.3.2-3.6.1
libFLAC8-1.3.2-3.6.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
flac-devel-1.3.2-3.6.1
libFLAC++6-1.3.2-3.6.1
libFLAC8-1.3.2-3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP1
flac-devel-1.3.2-3.6.1
libFLAC++6-1.3.2-3.6.1
libFLAC8-1.3.2-3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP2
flac-devel-1.3.2-3.6.1
libFLAC++6-1.3.2-3.6.1
libFLAC8-1.3.2-3.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP1
flac-1.3.2-3.6.1
libFLAC8-32bit-1.3.2-3.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP2
flac-1.3.2-3.6.1
libFLAC8-32bit-1.3.2-3.6.1
SUSE Linux Enterprise Server 15-LTSS
flac-devel-1.3.2-3.6.1
libFLAC++6-1.3.2-3.6.1
libFLAC8-1.3.2-3.6.1
SUSE Linux Enterprise Server for SAP Applications 15
flac-devel-1.3.2-3.6.1
libFLAC++6-1.3.2-3.6.1
libFLAC8-1.3.2-3.6.1

Description

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none


Affected products
Container containers/milvus:2.4:libFLAC8-1.3.2-3.6.1
Container containers/open-webui:0:libFLAC8-1.3.2-3.6.1
Container suse/kiosk/firefox-esr:esr:libFLAC8-1.3.2-3.6.1
Container suse/kiosk/firefox-esr:latest:libFLAC8-1.3.2-3.6.1

References

Description

In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-11. Android ID: A-156076070


Affected products
Container containers/milvus:2.4:libFLAC8-1.3.2-3.6.1
Container containers/open-webui:0:libFLAC8-1.3.2-3.6.1
Container suse/kiosk/firefox-esr:esr:libFLAC8-1.3.2-3.6.1
Container suse/kiosk/firefox-esr:latest:libFLAC8-1.3.2-3.6.1

References