openSUSE-SU-2019:1780-1

Опубликовано: 21 июл. 2019

Источник: suse-cvrf

Описание

Security update for clementine

This update for clementine fixes the following issues:

CVE-2018-14332: Fixed a NULL ptr dereference (crash) in the moodbar pipeline (boo#1103041)

Список пакетов

SUSE Package Hub 15

clementine-1.3.1-bp150.2.3.1

openSUSE Leap 15.0

clementine-1.3.1-bp150.2.3.1

openSUSE Leap 15.1

clementine-1.3.1-bp150.2.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HWWIGIV5VUCRKIZQFHLLBSZ2PKW7HYTN/#HWWIGIV5VUCRKIZQFHLLBSZ2PKW7HYTN
E-Mail link for openSUSE-SU-2019:1780-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1103041
SUSE Bug 1103041
https://www.suse.com/security/cve/CVE-2018-14332/
SUSE CVE CVE-2018-14332 page

Описание

An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline::NewPadCallback function in moodbar/moodbarpipeline.cpp. The vulnerability is triggered when the user opens a malformed mp3 file.

Затронутые продукты

SUSE Package Hub 15:clementine-1.3.1-bp150.2.3.1

openSUSE Leap 15.0:clementine-1.3.1-bp150.2.3.1

openSUSE Leap 15.1:clementine-1.3.1-bp150.2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-14332.html
CVE-2018-14332
https://bugzilla.suse.com/1103041
SUSE Bug 1103041

openSUSE-SU-2019:1780-1

Описание

Список пакетов

SUSE Package Hub 15

openSUSE Leap 15.0

openSUSE Leap 15.1

Ссылки

Уязвимость: CVE-2018-14332

Описание

Затронутые продукты

Ссылки