| Revision Date: | 2021-08-05 | Version: | 1 |
| Title: | Security update for libsndfile (Critical) |
| Description: |
This update for libsndfile fixes the following issues:
- CVE-2018-13139: Fixed a stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. (bsc#1100167) - CVE-2018-19432: Fixed a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service. (bsc#1116993) - CVE-2021-3246: Fixed a heap buffer overflow vulnerability in msadpcm_decode_block. (bsc#1188540) - CVE-2018-19758: Fixed a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. (bsc#1117954)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1100167
1116993
1117954
1188540
CVE-2018-13139
CVE-2018-19432
CVE-2018-19758
CVE-2021-3246
|
| Platform(s): | SUSE Linux Enterprise Server 12 SP4-ESPOS
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information
libsndfile1-1.0.25-36.23.1 is installed
OR libsndfile1-32bit-1.0.25-36.23.1 is installed
|