3 matches found
openSUSE Security Update : mp3gain (openSUSE-2020-522)
This update for mp3gain fixes the following issues : Update to version 1.6.2. - CVE-2019-18359: Fixed a buffer over-read was discovered in ReadMP3APETag boo1154971 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
CVE-2017-12911
The "apetag.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a stack memory corruption when opening a crafted MP3 file...
CVE-2017-12911
CVE-2017-12911 affects MP3Gain 1.5.2.r2, where the apetag.c file allows stack memory corruption when opening specially crafted MP3 files. OpenSUSE/openSUSE advisories indicate a later fix was released in MP3Gain 1.6.2 (openSUSE-2020-522), addressing the issue and related CVE-2019-18359 (buffer ov...