Security update for soundtouch (moderate)

2018-11-1000:09:07

lists.opensuse.org

494

0.007 Low

EPSS

Percentile

78.5%

JSON

This update for soundtouch fixes the following issues:

CVE-2018-17098: The WavFileBase class allowed remote attackers to cause
a denial of service (heap corruption from size inconsistency) or
possibly have unspecified other impact, as demonstrated by SoundStretch.
(bsc#1108632)
CVE-2018-17097: The WavFileBase class allowed remote attackers to cause
a denial of service (double free) or possibly have unspecified other
impact, as demonstrated by SoundStretch. (double free) (bsc#1108631)
CVE-2018-17096: The BPMDetect class allowed remote attackers to cause a
denial of service (assertion failure and application exit), as
demonstrated by SoundStretch. (bsc#1108630)

This update was imported from the SUSE:SLE-15:Update update project.

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.0i586libsoundtouch0-debuginfo< 1.8.0-lp150.2.6.1libSoundTouch0-debuginfo-1.8.0-lp150.2.6.1.i586.rpm
openSUSE Leap15.0x86_64soundtouch-devel< 1.8.0-lp150.2.6.1soundtouch-devel-1.8.0-lp150.2.6.1.x86_64.rpm
openSUSE Leap15.0i586soundtouch< 1.8.0-lp150.2.6.1soundtouch-1.8.0-lp150.2.6.1.i586.rpm
openSUSE Leap15.0x86_64soundtouch< 1.8.0-lp150.2.6.1soundtouch-1.8.0-lp150.2.6.1.x86_64.rpm
openSUSE Leap15.0i586soundtouch-debuginfo< 1.8.0-lp150.2.6.1soundtouch-debuginfo-1.8.0-lp150.2.6.1.i586.rpm
openSUSE Leap15.0x86_64libsoundtouch0-32bit-debuginfo< 1.8.0-lp150.2.6.1libSoundTouch0-32bit-debuginfo-1.8.0-lp150.2.6.1.x86_64.rpm
openSUSE Leap15.0x86_64soundtouch-debuginfo< 1.8.0-lp150.2.6.1soundtouch-debuginfo-1.8.0-lp150.2.6.1.x86_64.rpm
openSUSE Leap15.0x86_64libsoundtouch0-32bit< 1.8.0-lp150.2.6.1libSoundTouch0-32bit-1.8.0-lp150.2.6.1.x86_64.rpm
openSUSE Leap15.0x86_64libsoundtouch0-debuginfo< 1.8.0-lp150.2.6.1libSoundTouch0-debuginfo-1.8.0-lp150.2.6.1.x86_64.rpm
openSUSE Leap15.0i586libsoundtouch0< 1.8.0-lp150.2.6.1libSoundTouch0-1.8.0-lp150.2.6.1.i586.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE Leap	15.0	i586	libsoundtouch0-debuginfo	< 1.8.0-lp150.2.6.1	libSoundTouch0-debuginfo-1.8.0-lp150.2.6.1.i586.rpm
openSUSE Leap	15.0	x86_64	soundtouch-devel	< 1.8.0-lp150.2.6.1	soundtouch-devel-1.8.0-lp150.2.6.1.x86_64.rpm
openSUSE Leap	15.0	i586	soundtouch	< 1.8.0-lp150.2.6.1	soundtouch-1.8.0-lp150.2.6.1.i586.rpm
openSUSE Leap	15.0	x86_64	soundtouch	< 1.8.0-lp150.2.6.1	soundtouch-1.8.0-lp150.2.6.1.x86_64.rpm
openSUSE Leap	15.0	i586	soundtouch-debuginfo	< 1.8.0-lp150.2.6.1	soundtouch-debuginfo-1.8.0-lp150.2.6.1.i586.rpm
openSUSE Leap	15.0	x86_64	libsoundtouch0-32bit-debuginfo	< 1.8.0-lp150.2.6.1	libSoundTouch0-32bit-debuginfo-1.8.0-lp150.2.6.1.x86_64.rpm
openSUSE Leap	15.0	x86_64	soundtouch-debuginfo	< 1.8.0-lp150.2.6.1	soundtouch-debuginfo-1.8.0-lp150.2.6.1.x86_64.rpm
openSUSE Leap	15.0	x86_64	libsoundtouch0-32bit	< 1.8.0-lp150.2.6.1	libSoundTouch0-32bit-1.8.0-lp150.2.6.1.x86_64.rpm
openSUSE Leap	15.0	x86_64	libsoundtouch0-debuginfo	< 1.8.0-lp150.2.6.1	libSoundTouch0-debuginfo-1.8.0-lp150.2.6.1.x86_64.rpm
openSUSE Leap	15.0	i586	libsoundtouch0	< 1.8.0-lp150.2.6.1	libSoundTouch0-1.8.0-lp150.2.6.1.i586.rpm