Описание
Security update for schismtracker
This update for schismtracker fixes the following issues:
The following security issues were fixed:
- CVE-2019-14523: Fixed an integer underflow in the Amiga Oktalyzer parser (boo#1144266).
- CVE-2019-14524: Fixed a heap overflow in the MTM loader (boo#1144261).
The following non-security issues were fixed:
- Support 15-channel MOD files.
- Support undocumented MIDI macro characters, and support character p (MIDI program) properly.
Список пакетов
openSUSE Leap 15.0
schismtracker-20190805-lp151.3.3.1
openSUSE Leap 15.1
schismtracker-20190805-lp151.3.3.1
Ссылки
- E-Mail link for openSUSE-SU-2019:1994-1
- SUSE Security Ratings
- SUSE Bug 1144261
- SUSE Bug 1144266
- SUSE CVE CVE-2019-14523 page
- SUSE CVE CVE-2019-14524 page
Описание
An issue was discovered in Schism Tracker through 20190722. There is an integer underflow via a large plen in fmt_okt_load_song in the Amiga Oktalyzer parser in fmt/okt.c.
Затронутые продукты
openSUSE Leap 15.0:schismtracker-20190805-lp151.3.3.1
openSUSE Leap 15.1:schismtracker-20190805-lp151.3.3.1
Ссылки
- CVE-2019-14523
- SUSE Bug 1144266
Описание
An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465.
Затронутые продукты
openSUSE Leap 15.0:schismtracker-20190805-lp151.3.3.1
openSUSE Leap 15.1:schismtracker-20190805-lp151.3.3.1
Ссылки
- CVE-2019-14524
- SUSE Bug 1144261