Overview

File _patchinfo of Package patchinfo.18770

<patchinfo incident="18770">
  <issue tracker="cve" id="2019-13217"/>
  <issue tracker="cve" id="2019-13220"/>
  <issue tracker="cve" id="2019-13223"/>
  <issue tracker="cve" id="2019-13221"/>
  <issue tracker="cve" id="2019-13219"/>
  <issue tracker="cve" id="2019-13222"/>
  <issue tracker="cve" id="2019-13218"/>
  <issue tracker="bnc" id="1216478">VUL-0: TRACKERBUG: stb: Several memory access violations in stb_image and stb_vorbis</issue>
  <packager>adrianSuSE</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for stb</summary>
  <description>This update for stb fixes the following issues:

Addressing the follow security issues (boo#1216478):

* CVE-2019-13217: heap buffer overflow in start_decoder()
* CVE-2019-13218: stack buffer overflow in compute_codewords()
* CVE-2019-13219: uninitialized memory in vorbis_decode_packet_rest()
* CVE-2019-13220: out-of-range read in draw_line()
* CVE-2019-13221: issue with large 1D codebooks in lookup1_values()
* CVE-2019-13222: unchecked NULL returned by get_window()
* CVE-2019-13223: division by zero in predict_point()
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places