openSUSE-SU-2019:1225-1

Опубликовано: 17 апр. 2019

Источник: suse-cvrf

Описание

Security update for flac

This update for flac fixes the following issues:

CVE-2017-6888: An error in the 'read_metadata_vorbiscomment_()' function could be exploited to cause a memory leak via a specially crafted FLAC file (bsc#1091045).

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.0

flac-1.3.2-lp150.2.3.1

flac-devel-1.3.2-lp150.2.3.1

flac-devel-32bit-1.3.2-lp150.2.3.1

flac-doc-1.3.2-lp150.2.3.1

libFLAC++6-1.3.2-lp150.2.3.1

libFLAC++6-32bit-1.3.2-lp150.2.3.1

libFLAC8-1.3.2-lp150.2.3.1

libFLAC8-32bit-1.3.2-lp150.2.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VQDOX25M5VUOA47PHQ3CDEXFXRCYRFKC/#VQDOX25M5VUOA47PHQ3CDEXFXRCYRFKC
E-Mail link for openSUSE-SU-2019:1225-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1091045
SUSE Bug 1091045
https://www.suse.com/security/cve/CVE-2017-6888/
SUSE CVE CVE-2017-6888 page

Описание

An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.

Затронутые продукты

openSUSE Leap 15.0:flac-1.3.2-lp150.2.3.1

openSUSE Leap 15.0:flac-devel-1.3.2-lp150.2.3.1

openSUSE Leap 15.0:flac-devel-32bit-1.3.2-lp150.2.3.1

openSUSE Leap 15.0:flac-doc-1.3.2-lp150.2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-6888.html
CVE-2017-6888
https://bugzilla.suse.com/1091045
SUSE Bug 1091045

openSUSE-SU-2019:1225-1

Описание

Список пакетов

openSUSE Leap 15.0

Ссылки

Уязвимость: CVE-2017-6888

Описание

Затронутые продукты

Ссылки