File _patchinfo of Package patchinfo.12267
<patchinfo incident="12267">
<issue tracker="bnc" id="1143578">VUL-1: CVE-2018-20861: libopenmpt: libopenmpt allows a crash with certain malformed custom tunings in MPTM files</issue>
<issue tracker="bnc" id="1143581">VUL-1: CVE-2018-20860: libopenmpt: crash with malformed MED files</issue>
<issue tracker="bnc" id="1143584">VUL-1: CVE-2019-14383: libopenmpt: J2B in libopenmpt allows an assertion failure during file parsing with debug STLs.</issue>
<issue tracker="bnc" id="1143582">VUL-1: CVE-2019-14382: libopenmpt: DSM in libopenmpt allows an assertion failure during file parsing with debug STLs</issue>
<issue tracker="cve" id="2018-20860"/>
<issue tracker="cve" id="2018-20861"/>
<issue tracker="cve" id="2019-14383"/>
<issue tracker="cve" id="2019-14382"/>
<category>security</category>
<rating>moderate</rating>
<packager>scarabeus_iv</packager>
<description>This update for libopenmpt fixes the following issues:
Security issues fixed:
- CVE-2018-20861: Fixed crash with certain malformed custom tunings in MPTM files (bsc#1143578).
- CVE-2018-20860: Fixed crash with malformed MED files (bsc#1143581).
- CVE-2019-14383: Fixed J2B that allows an assertion failure during file parsing with debug STLs (bsc#1143584).
- CVE-2019-14382: Fixed DSM that allows an assertion failure during file parsing with debug STLs (bsc#1143582).
</description>
<summary>Security update for libopenmpt</summary>
</patchinfo>