| Revision Date: | 2021-08-17 | Version: | 1 |
| Title: | Security update for libsndfile (Critical) |
| Description: |
This update for libsndfile fixes the following issues:
- CVE-2018-13139: Fixed a stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. (bsc#1100167) - CVE-2018-19432: Fixed a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service. (bsc#1116993) - CVE-2021-3246: Fixed a heap buffer overflow vulnerability in msadpcm_decode_block. (bsc#1188540) - CVE-2018-19758: Fixed a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. (bsc#1117954)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1100167
1116993
1117954
1188540
CVE-2018-13139
CVE-2018-19432
CVE-2018-19758
CVE-2021-3246
SUSE-SU-2021:2764-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND Package Information
libsndfile-devel-1.0.28-5.12.1 is installed
OR libsndfile1-1.0.28-5.12.1 is installed
|