Описание
Security update for mp3gain
This update for mp3gain fixes the following issues:
Update to version 1.6.2.
- CVE-2019-18359: Fixed a buffer over-read was discovered in ReadMP3APETag (boo#1154971)
Список пакетов
openSUSE Leap 15.1
mp3gain-1.6.2-lp151.3.3.1
Ссылки
- E-Mail link for openSUSE-SU-2020:0522-1
- SUSE Security Ratings
- SUSE Bug 1154971
- SUSE CVE CVE-2017-12911 page
- SUSE CVE CVE-2019-18359 page
Описание
The "apetag.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a stack memory corruption when opening a crafted MP3 file.
Затронутые продукты
openSUSE Leap 15.1:mp3gain-1.6.2-lp151.3.3.1
Ссылки
- CVE-2017-12911
- SUSE Bug 1082274
- SUSE Bug 1092152
Описание
A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3Gain 1.6.2. The vulnerability causes an application crash, which leads to remote denial of service.
Затронутые продукты
openSUSE Leap 15.1:mp3gain-1.6.2-lp151.3.3.1
Ссылки
- CVE-2019-18359
- SUSE Bug 1154971