Overview

File _patchinfo of Package patchinfo.9661

<patchinfo incident="9661">
  <issue tracker="bnc" id="1108632">VUL-0: CVE-2018-17098: soundtouch: remote denial of service (heap corruption from size inconsistency) in the WavFileBase class in WavFile.cpp</issue>
  <issue tracker="bnc" id="1108631">VUL-0: CVE-2018-17097: soundtouch: remote denial of service (double free) in the WavFileBase class in WavFile.cpp</issue>
  <issue tracker="cve" id="2018-17097"/>
  <issue tracker="cve" id="2018-17098"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>mcalabkova</packager>
  <description>This update for soundtouch fixes the following issues:

Security issues fixed:

- CVE-2018-17098: Fixed a heap corruption from size inconsistency, which
  allowed remote attackers to cause a denial of service or possibly have
  other unspecified impact (bsc#1108632)
- CVE-2018-17097: Fixed a double free, which allowed remote attackers to cause
  a denial of service or possibly have other unspecified impact  (bsc#1108631)
</description>
  <summary>Security update for soundtouch</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places