Описание
Security update for taglib
This update for taglib fixes this security issues:
- CVE-2018-11439: The TagLib::Ogg::FLAC::File::scan function allowed remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file (bsc#1096180).
Список пакетов
openSUSE Leap 15.0
libtag-devel-1.11.1-lp150.3.3.1
libtag1-1.11.1-lp150.3.3.1
libtag1-32bit-1.11.1-lp150.3.3.1
libtag_c0-1.11.1-lp150.3.3.1
libtag_c0-32bit-1.11.1-lp150.3.3.1
taglib-1.11.1-lp150.3.3.1
openSUSE Leap 42.3
libtag-devel-1.11.1-lp150.3.3.1
libtag1-1.11.1-lp150.3.3.1
libtag1-32bit-1.11.1-lp150.3.3.1
libtag_c0-1.11.1-lp150.3.3.1
libtag_c0-32bit-1.11.1-lp150.3.3.1
taglib-1.11.1-lp150.3.3.1
Ссылки
- E-Mail link for openSUSE-SU-2018:1686-1
- SUSE Security Ratings
Описание
The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file.
Затронутые продукты
openSUSE Leap 15.0:libtag-devel-1.11.1-lp150.3.3.1
openSUSE Leap 15.0:libtag1-1.11.1-lp150.3.3.1
openSUSE Leap 15.0:libtag1-32bit-1.11.1-lp150.3.3.1
openSUSE Leap 15.0:libtag_c0-1.11.1-lp150.3.3.1
Ссылки
- CVE-2018-11439
- SUSE Bug 1096180