openSUSE-SU-2019:2306-1

Опубликовано: 10 окт. 2019

Источник: suse-cvrf

Описание

Security update for libopenmpt

This update for libopenmpt to version 0.3.19 fixes the following issues:

CVE-2019-17113: Fixed a buffer overflow in ModPlug_InstrumentName and ModPlug_SampleName (bsc#1153102).

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.1

libmodplug-devel-0.3.19-lp151.2.6.1

libmodplug1-0.3.19-lp151.2.6.1

libmodplug1-32bit-0.3.19-lp151.2.6.1

libopenmpt-devel-0.3.19-lp151.2.6.1

libopenmpt0-0.3.19-lp151.2.6.1

libopenmpt0-32bit-0.3.19-lp151.2.6.1

libopenmpt_modplug1-0.3.19-lp151.2.6.1

libopenmpt_modplug1-32bit-0.3.19-lp151.2.6.1

openmpt123-0.3.19-lp151.2.6.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/W7AKBJWO3A3RH5D2TBIUPIFVWBCYTHDW/#W7AKBJWO3A3RH5D2TBIUPIFVWBCYTHDW
E-Mail link for openSUSE-SU-2019:2306-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1153102
SUSE Bug 1153102
https://www.suse.com/security/cve/CVE-2019-17113/
SUSE CVE CVE-2019-17113 page

Описание

In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.

Затронутые продукты

openSUSE Leap 15.1:libmodplug-devel-0.3.19-lp151.2.6.1

openSUSE Leap 15.1:libmodplug1-0.3.19-lp151.2.6.1

openSUSE Leap 15.1:libmodplug1-32bit-0.3.19-lp151.2.6.1

openSUSE Leap 15.1:libopenmpt-devel-0.3.19-lp151.2.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-17113.html
CVE-2019-17113
https://bugzilla.suse.com/1153102
SUSE Bug 1153102

openSUSE-SU-2019:2306-1

Описание

Список пакетов

openSUSE Leap 15.1

Ссылки

Уязвимость: CVE-2019-17113

Описание

Затронутые продукты

Ссылки