Security update for libopenmpt
This update for libopenmpt fixes the following issues:
Security issues fixed:
- CVE-2018-20861: Fixed crash with certain malformed custom tunings in MPTM files (bsc#1143578).
- CVE-2018-20860: Fixed crash with malformed MED files (bsc#1143581).
- CVE-2019-14383: Fixed J2B that allows an assertion failure during file parsing with debug STLs (bsc#1143584).
- CVE-2019-14382: Fixed DSM that allows an assertion failure during file parsing with debug STLs (bsc#1143582).
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Tomáš Chvátal (scarabeus_iv)
Fixed bugs
bnc#1143578
VUL-1: CVE-2018-20861: libopenmpt: libopenmpt allows a crash with certain malformed custom tunings in MPTM files
bnc#1143581
VUL-1: CVE-2018-20860: libopenmpt: crash with malformed MED files
bnc#1143584
VUL-1: CVE-2019-14383: libopenmpt: J2B in libopenmpt allows an assertion failure during file parsing with debug STLs.
bnc#1143582
VUL-1: CVE-2019-14382: libopenmpt: DSM in libopenmpt allows an assertion failure during file parsing with debug STLs
