Oval Definition:oval:org.opensuse.security:def:68523
Revision Date:2021-08-17Version:1
Title:Security update for libsndfile (Critical)
Description:

This update for libsndfile fixes the following issues:

- CVE-2018-13139: Fixed a stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. (bsc#1100167) - CVE-2018-19432: Fixed a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service. (bsc#1116993) - CVE-2021-3246: Fixed a heap buffer overflow vulnerability in msadpcm_decode_block. (bsc#1188540) - CVE-2018-19758: Fixed a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. (bsc#1117954)
Family:unixClass:patch
Status:Reference(s):1100167
1115034
1116993
1117954
1142772
1145692
1148931
1188540
CVE-2018-13139
CVE-2018-19432
CVE-2018-19758
CVE-2019-1010180
CVE-2019-8595
CVE-2019-8607
CVE-2019-8615
CVE-2019-8644
CVE-2019-8649
CVE-2019-8658
CVE-2019-8666
CVE-2019-8669
CVE-2019-8671
CVE-2019-8672
CVE-2019-8673
CVE-2019-8676
CVE-2019-8677
CVE-2019-8678
CVE-2019-8679
CVE-2019-8680
CVE-2019-8681
CVE-2019-8683
CVE-2019-8684
CVE-2019-8686
CVE-2019-8687
CVE-2019-8688
CVE-2019-8689
CVE-2019-8690
CVE-2021-3246
SUSE-SU-2019:2428-1
SUSE-SU-2019:2913-1
SUSE-SU-2021:2764-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Module for Development Tools 15 SP1
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND Package Information
  • gdb-8.3.1-8.8 is installed
  • OR gdbserver-8.3.1-8.8 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • typelib-1_0-JavaScriptCore-4_0-2.24.4-3.31 is installed
  • OR typelib-1_0-WebKit2-4_0-2.24.4-3.31 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.24.4-3.31 is installed
  • OR webkit2gtk3-2.24.4-3.31 is installed
  • OR webkit2gtk3-devel-2.24.4-3.31 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed
  • AND libsndfile1-32bit-1.0.28-5.12.1 is installed
  • BACK