logo
DATABASE RESOURCES PRICING ABOUT US

abcm2ps - security update

Description

Multiple vulnerabilities have been discovered in abcm2ps: program which translates ABC music description files to PostScript. * [CVE-2018-10753](https://security-tracker.debian.org/tracker/CVE-2018-10753) Stack-based buffer overflow in the delayed\_output function in music.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. * [CVE-2018-10771](https://security-tracker.debian.org/tracker/CVE-2018-10771) Stack-based buffer overflow in the get\_key function in parse.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. * [CVE-2019-1010069](https://security-tracker.debian.org/tracker/CVE-2019-1010069) Incorrect access control allows attackers to cause a denial of service via a crafted file. * [CVE-2021-32434](https://security-tracker.debian.org/tracker/CVE-2021-32434) Array overflow when wrong duration in voice overlay. * [CVE-2021-32435](https://security-tracker.debian.org/tracker/CVE-2021-32435) Stack-based buffer overflow in the function get\_key in parse.c allows remote attackers to cause a senial of service (DoS) via unspecified vectors. * [CVE-2021-32436](https://security-tracker.debian.org/tracker/CVE-2021-32436) Out-of-bounds read in the function write\_title() in subs.c allows remote attackers to cause a denial of service via unspecified vectors. For Debian 9 stretch, these problems have been fixed in version 7.8.9-1+deb9u1. We recommend that you upgrade your abcm2ps packages. For the detailed security status of abcm2ps please refer to its security tracker page at: <https://security-tracker.debian.org/tracker/abcm2ps> Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: <https://wiki.debian.org/LTS>


Affected Software


CPE Name Name Version
abcm2ps 7.8.9-1

Related