openSUSE-SU-2018:1120-1

Опубликовано: 02 мая 2018

Источник: suse-cvrf

Описание

Security update for flac

This update for flac fixes the following issues:

CVE-2017-6888: Fix memory leak in read_metadata_vorbiscomment_() function could lead to denial of service (boo#1091045).

Список пакетов

openSUSE Leap 42.3

flac-1.3.2-2.3.1

flac-devel-1.3.2-2.3.1

flac-devel-32bit-1.3.2-2.3.1

flac-doc-1.3.2-2.3.1

libFLAC++6-1.3.2-2.3.1

libFLAC++6-32bit-1.3.2-2.3.1

libFLAC8-1.3.2-2.3.1

libFLAC8-32bit-1.3.2-2.3.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2018-05/msg00002.html
E-Mail link for openSUSE-SU-2018:1120-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.

Затронутые продукты

openSUSE Leap 42.3:flac-1.3.2-2.3.1

openSUSE Leap 42.3:flac-devel-1.3.2-2.3.1

openSUSE Leap 42.3:flac-devel-32bit-1.3.2-2.3.1

openSUSE Leap 42.3:flac-doc-1.3.2-2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-6888.html
CVE-2017-6888
https://bugzilla.suse.com/1091045
SUSE Bug 1091045

openSUSE-SU-2018:1120-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2017-6888

Описание

Затронутые продукты

Ссылки