Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2018:1345-1

Опубликовано: 18 мая 2018
Источник: suse-cvrf

Описание

Security update for libvorbis

This update for libvorbis fixes the following issues:

Security issues fixed:

  • CVE-2018-10393: Fixed stack-based buffer over-read in bark_noise_hybridm (bsc#1091072).
  • CVE-2017-14160: Fixed out-of-bounds access inside bark_noise_hybridmp function (bsc#1059812).

This update was imported from the SUSE:SLE-12:Update update project.

Список пакетов

openSUSE Leap 42.3
libvorbis-1.3.3-14.1
libvorbis-devel-1.3.3-14.1
libvorbis-doc-1.3.3-14.1
libvorbis0-1.3.3-14.1
libvorbis0-32bit-1.3.3-14.1
libvorbisenc2-1.3.3-14.1
libvorbisenc2-32bit-1.3.3-14.1
libvorbisfile3-1.3.3-14.1
libvorbisfile3-32bit-1.3.3-14.1

Ссылки

Описание

The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file.

Затронутые продукты
openSUSE Leap 42.3:libvorbis-1.3.3-14.1
openSUSE Leap 42.3:libvorbis-devel-1.3.3-14.1
openSUSE Leap 42.3:libvorbis-doc-1.3.3-14.1
openSUSE Leap 42.3:libvorbis0-1.3.3-14.1
Ссылки

Описание

bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.

Затронутые продукты
openSUSE Leap 42.3:libvorbis-1.3.3-14.1
openSUSE Leap 42.3:libvorbis-devel-1.3.3-14.1
openSUSE Leap 42.3:libvorbis-doc-1.3.3-14.1
openSUSE Leap 42.3:libvorbis0-1.3.3-14.1
Ссылки