Описание
Security update for speex
This update for speex fixes the following issues:
- CVE-2020-23903: Fixed zero division error in read_samples (bsc#1192580).
Список пакетов
SUSE Linux Enterprise Server 12 SP5
libspeex1-1.1.999_1.2rc1-24.3.1
libspeex1-32bit-1.1.999_1.2rc1-24.3.1
libspeexdsp1-1.1.999_1.2rc1-24.3.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libspeex1-1.1.999_1.2rc1-24.3.1
libspeex1-32bit-1.1.999_1.2rc1-24.3.1
libspeexdsp1-1.1.999_1.2rc1-24.3.1
SUSE Linux Enterprise Software Development Kit 12 SP5
speex-devel-1.1.999_1.2rc1-24.3.1
Ссылки
- Link for SUSE-SU-2021:3858-1
- E-Mail link for SUSE-SU-2021:3858-1
- SUSE Security Ratings
- SUSE Bug 1192580
- SUSE CVE CVE-2020-23903 page
Описание
A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:libspeex1-1.1.999_1.2rc1-24.3.1
SUSE Linux Enterprise Server 12 SP5:libspeex1-32bit-1.1.999_1.2rc1-24.3.1
SUSE Linux Enterprise Server 12 SP5:libspeexdsp1-1.1.999_1.2rc1-24.3.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:libspeex1-1.1.999_1.2rc1-24.3.1
Ссылки
- CVE-2020-23903
- SUSE Bug 1192580