Updated soundtouch packages fix security vulnerabilities
Publication date: 20 Nov 2018Modification date: 20 Nov 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-17096 , CVE-2018-17097 , CVE-2018-17098
Description
Assertion failure in BPMDetect class in BPMDetect.cpp (CVE-2018-17096). Out-of-bounds heap write in WavOutFile::write() (CVE-2018-17097). Heap corruption in WavFileBase class in WavFile.cpp (CVE-2018-17098).
References
- https://bugs.mageia.org/show_bug.cgi?id=23823
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-17096
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-17097
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-17098
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17096
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17097
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17098
SRPMS
6/core
- soundtouch-2.1.1-1.mga6