Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
patchinfo.6728
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.6728
<patchinfo incident="6728"> <issue id="387731" tracker="bnc">VUL-0: libid3tag overflow</issue> <issue id="1081962" tracker="bnc">VUL-0: libid3tag: CVE-2017-11550 libid3tag: NULL Pointer Dereference in id3_ucs4_length function in ucs4.c</issue> <issue id="1081959" tracker="bnc">VUL-0: CVE-2004-2779: libid3tag: id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2tags encoded in UTF-16 with an odd number of bytes, triggering an endless loopallocating memory until an OOM condition is reac</issue> <issue id="1081961" tracker="bnc">VUL-0: libid3tag: CVE-2017-11551 libid3tag: Out of memory in id3_field_parse function in field.c</issue> <issue id="2017-11551" tracker="cve" /> <issue id="2017-11550" tracker="cve" /> <issue id="2008-2109" tracker="cve" /> <issue id="2004-2779" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>kbabioch</packager> <description>This update for libid3tag fixes the following issues: - CVE-2004-2779 CVE-2017-11551: Fixed id3_utf16_deserialize() in utf16.c, which previously misparsed ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until OOM leading to DoS. (bsc#1081959 bsc#1081961) - CVE-2017-11550 CVE-2008-2109: Fixed the handling of unknown encodings when parsing ID3 tags. (bsc#1081962 bsc#387731) </description> <summary>Security update for libid3tag</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor