Overview

File _patchinfo of Package patchinfo.11113

<patchinfo incident="11113">
  <issue tracker="bnc" id="1143578">VUL-1: CVE-2018-20861: libopenmpt: libopenmpt allows a crash with certain malformed custom tunings in MPTM files</issue>
  <issue tracker="bnc" id="1143581">VUL-1: CVE-2018-20860: libopenmpt: crash with malformed MED files</issue>
  <issue tracker="bnc" id="1143584">VUL-1: CVE-2019-14383: libopenmpt: J2B in libopenmpt allows an assertion failure during file parsing with debug STLs.</issue>
  <issue tracker="bnc" id="1143582">VUL-1: CVE-2019-14382: libopenmpt: DSM in libopenmpt allows an assertion failure during file parsing with debug STLs</issue>
  <issue tracker="cve" id="2018-20860"/>
  <issue tracker="cve" id="2018-20861"/>
  <issue tracker="cve" id="2019-14383"/>
  <issue tracker="cve" id="2019-14382"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>scarabeus_iv</packager>
  <description>This update for libopenmpt fixes the following issues:

Security issues fixed:

- CVE-2018-20861: Fixed crash with certain malformed custom tunings in MPTM files (bsc#1143578).
- CVE-2018-20860: Fixed crash with malformed MED files (bsc#1143581).
- CVE-2019-14383: Fixed J2B that allows an assertion failure during file parsing with debug STLs (bsc#1143584).
- CVE-2019-14382: Fixed DSM that allows an assertion failure during file parsing with debug STLs (bsc#1143582).

This update was imported from the SUSE:SLE-15:Update update project.</description>
  <summary>Security update for libopenmpt</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places