Updated mp3gain packages fix security vulnerability
Publication date: 24 Apr 2020Modification date: 24 Apr 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-18359
Description
The updated package fixes a security vulnerability: A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3Gain 1.6.2. The vulnerability causes an application crash, which leads to remote denial of service. (CVE-2019-18359)
References
SRPMS
7/core
- mp3gain-1.6.2-2.1.mga7