openSUSE-SU-2022:10253-1

Опубликовано: 27 дек. 2022

Источник: suse-cvrf

Описание

Security update for multimon-ng

This update for multimon-ng fixes the following issues:

Update to new upstream release 1.2.0
- Separated FLEX and FLEX_NEXT. The former is identical to 1.1.9, while FLEX_NEXT gained new features, as well as known regressions. (See #168)
- Fix CVE-2020-36619 (boo#1206542)
- Several smaller POCSAG fixes.
- Fix for opening large wav files with improper header.

Список пакетов

SUSE Package Hub 15 SP4

multimon-ng-1.2.0-bp154.2.3.1

openSUSE Leap 15.4

multimon-ng-1.2.0-bp154.2.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ACOFWRSAMX42Q5JHGBJ6MQJY7FRLPUHJ/
E-Mail link for openSUSE-SU-2022:10253-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1206542
SUSE Bug 1206542
https://www.suse.com/security/cve/CVE-2020-36619/
SUSE CVE CVE-2020-36619 page

Описание

A vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the function add_ch of the file demod_flex.c. The manipulation of the argument ch leads to format string. Upgrading to version 1.2.0 is able to address this issue. The name of the patch is e5a51c508ef952e81a6da25b43034dd1ed023c07. It is recommended to upgrade the affected component. The identifier VDB-216269 was assigned to this vulnerability.

Затронутые продукты

SUSE Package Hub 15 SP4:multimon-ng-1.2.0-bp154.2.3.1

openSUSE Leap 15.4:multimon-ng-1.2.0-bp154.2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-36619.html
CVE-2020-36619
https://bugzilla.suse.com/1206542
SUSE Bug 1206542

openSUSE-SU-2022:10253-1

Описание

Список пакетов

SUSE Package Hub 15 SP4

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2020-36619

Описание

Затронутые продукты

Ссылки