openSUSE-SU-2026:20291-1

Опубликовано: 27 фев. 2026

Источник: suse-cvrf

Описание

Security update for fluidsynth

This update for fluidsynth fixes the following issues:

CVE-2025-56225: NULL pointer deference when loading and invalid MIDI file (bsc#1256435).

Список пакетов

openSUSE Leap 16.0

fluidsynth-2.3.5-160000.3.1

fluidsynth-devel-2.3.5-160000.3.1

libfluidsynth3-2.3.5-160000.3.1

Ссылки

https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1256435
SUSE Bug 1256435
https://www.suse.com/security/cve/CVE-2025-56225/
SUSE CVE CVE-2025-56225 page

Описание

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluid_synth_monopoly.c, that can be triggered when loading an invalid midi file.

Затронутые продукты

openSUSE Leap 16.0:fluidsynth-2.3.5-160000.3.1

openSUSE Leap 16.0:fluidsynth-devel-2.3.5-160000.3.1

openSUSE Leap 16.0:libfluidsynth3-2.3.5-160000.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-56225.html
CVE-2025-56225
https://bugzilla.suse.com/1256435
SUSE Bug 1256435

openSUSE-SU-2026:20291-1

Описание

Список пакетов

openSUSE Leap 16.0

Ссылки

Уязвимость: CVE-2025-56225

Описание

Затронутые продукты

Ссылки