MGASA-2020-0179 - Updated mp3gain packages fix security vulnerability Publication date: 24 Apr 2020 URL: https://advisories.mageia.org/MGASA-2020-0179.html Type: security Affected Mageia releases: 7 CVE: CVE-2019-18359 The updated package fixes a security vulnerability: A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3Gain 1.6.2. The vulnerability causes an application crash, which leads to remote denial of service. (CVE-2019-18359) References: - https://bugs.mageia.org/show_bug.cgi?id=26504 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18359 SRPMS: - 7/core/mp3gain-1.6.2-2.1.mga7
Mageia 2020-0179: mp3gain security update
The updated package fixes a security vulnerability: A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3Gain 1.6.2
Summary
The updated package fixes a security vulnerability:
A buffer over-read was discovered in ReadMP3APETag in apetag.c in
MP3Gain 1.6.2. The vulnerability causes an application crash, which
leads to remote denial of service. (CVE-2019-18359)
References
- https://bugs.mageia.org/show_bug.cgi?id=26504
- - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18359
Resolution
MGASA-2020-0179 - Updated mp3gain packages fix security vulnerability
SRPMS
- 7/core/mp3gain-1.6.2-2.1.mga7
Severity
Publication date: 24 Apr 2020
URL: https://advisories.mageia.org/MGASA-2020-0179.html
Type: security
CVE: CVE-2019-18359
News
HOWTOs
About Us
Powered By
