Overview

File _patchinfo of Package patchinfo.17690

<patchinfo incident="17690">
  <issue tracker="cve" id="2020-0487"/>
  <issue tracker="cve" id="2020-0499"/>
  <issue tracker="bnc" id="1180112">VUL-0: CVE-2020-0487: flac: In read_metadata_vorbiscomment_ of stream_decoder.c, there is possible memory exhaustion due to a memory leak. This could lead to remote denial of service with no additional execution privileges needed. User inte</issue>
  <issue tracker="bnc" id="1180099">VUL-0: CVE-2020-0499: flac: In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privil</issue>
  <packager>tiwai</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for flac</summary>
  <description>This update for flac fixes the following issues:

- CVE-2020-0487: Fixed a memory leak (bsc#1180112).
- CVE-2020-0499: Fixed an out-of-bounds access (bsc#1180099).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places