SuSE Local Security Checks : SUSE: Security Advisory (SUSE-SU-2018:1951-1)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.4.2018.1951.1

Kategorie: SuSE Local Security Checks

Titel: SUSE: Security Advisory (SUSE-SU-2018:1951-1)

Zusammenfassung: The remote host is missing an update for the 'libopenmpt' package(s) announced via the SUSE-SU-2018:1951-1 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'libopenmpt' package(s) announced via the SUSE-SU-2018:1951-1 advisory.

Vulnerability Insight:
This update for libopenmpt to version 0.3.9 fixes the following issues:
These security issues were fixed:
- CVE-2018-11710: Prevent write near address 0 in out-of-memory situations
when reading AMS files (bsc#1095644)
- CVE-2018-10017: Preven out-of-bounds memory read with IT/ITP/MO3 files
containing pattern loops (bsc#1089080)
These non-security issues were fixed:
- [Bug] openmpt123: Fixed build failure in C++17 due to use of removed
feature std::random_shuffle.
- STM: Having both Bxx and Cxx commands in a pattern imported the Bxx
command incorrectly.
- STM: Last character of sample name was missing.
- Speed up reading of truncated ULT files.
- ULT: Portamento import was sometimes broken.
- The resonant filter was sometimes unstable when combining low-volume
samples, low cutoff and high mixing rates.
- Keep track of active SFx macro during seeking.
- The 'note cut' duplicate note action did not volume-ramp the previously
playing sample.
- A song starting with non-existing patterns could not be played.
- DSM: Support restart position and 16-bit samples.
- DTM: Import global volume.

Affected Software/OS:
'libopenmpt' package(s) on SUSE Linux Enterprise Module for Desktop Applications 15.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2018-10017
Common Vulnerability Exposure (CVE) ID: CVE-2018-11710

Copyright Copyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.4.2018.1951.1
Kategorie:	SuSE Local Security Checks
Titel:	SUSE: Security Advisory (SUSE-SU-2018:1951-1)
Zusammenfassung:	The remote host is missing an update for the 'libopenmpt' package(s) announced via the SUSE-SU-2018:1951-1 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'libopenmpt' package(s) announced via the SUSE-SU-2018:1951-1 advisory. Vulnerability Insight: This update for libopenmpt to version 0.3.9 fixes the following issues: These security issues were fixed: - CVE-2018-11710: Prevent write near address 0 in out-of-memory situations when reading AMS files (bsc#1095644) - CVE-2018-10017: Preven out-of-bounds memory read with IT/ITP/MO3 files containing pattern loops (bsc#1089080) These non-security issues were fixed: - [Bug] openmpt123: Fixed build failure in C++17 due to use of removed feature std::random_shuffle. - STM: Having both Bxx and Cxx commands in a pattern imported the Bxx command incorrectly. - STM: Last character of sample name was missing. - Speed up reading of truncated ULT files. - ULT: Portamento import was sometimes broken. - The resonant filter was sometimes unstable when combining low-volume samples, low cutoff and high mixing rates. - Keep track of active SFx macro during seeking. - The 'note cut' duplicate note action did not volume-ramp the previously playing sample. - A song starting with non-existing patterns could not be played. - DSM: Support restart position and 16-bit samples. - DTM: Import global volume. Affected Software/OS: 'libopenmpt' package(s) on SUSE Linux Enterprise Module for Desktop Applications 15. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2018-10017 Common Vulnerability Exposure (CVE) ID: CVE-2018-11710
Copyright	Copyright (C) 2021 Greenbone Networks GmbH