Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

openSUSE 15.4-15.5: 2023:4251-1 Important: vorbis-tools Buffer Overflow

opensuse
Calendar Grey October 30, 2023
Dist Opensuse Esm H88
The vorbis-tools package has been updated to mitigate CVE-2023-43361, which resolves a dangerous buffer overflow issue in audio processing. Ensure your systems remain secure!
This update for vorbis-tools fixes the following issues: CVE-2023-43361: Fixed a buffer overflow vulnerability during the conversion of wav files to ogg files

Description

This update for vorbis-tools fixes the following issues:

* CVE-2023-43361: Fixed a buffer overflow vulnerability during the conversion

of wav files to ogg files. (bsc#1215942)

Topics%20covered

Topics Covered

security advisory buffer overflow software update important update openSUSE vorbis-tools patch instructions

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5

zypper in -t patch openSUSE-SLE-15.5-2023-4251=1

* Desktop Applications Module 15-SP4

zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-4251=1

* Desktop Applications Module 15-SP5

zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2023-4251=1

* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1

zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-4251=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2

zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-4251=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3

zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-4251=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3

zypper in -t patch...

Read the Full Advisory

Package List

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)

* vorbis-tools-1.4.0-150000.3.3.1

* vorbis-tools-debuginfo-1.4.0-150000.3.3.1

* vorbis-tools-debugsource-1.4.0-150000.3.3.1

* openSUSE Leap 15.5 (noarch)

* vorbis-tools-lang-1.4.0-150000.3.3.1

* Desktop Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64)

* vorbis-tools-1.4.0-150000.3.3.1

* vorbis-tools-debuginfo-1.4.0-150000.3.3.1

* vorbis-tools-debugsource-1.4.0-150000.3.3.1

* Desktop Applications Module 15-SP4 (noarch)

* vorbis-tools-lang-1.4.0-150000.3.3.1

* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)

* vorbis-tools-1.4.0-150000.3.3.1

* vorbis-tools-debuginfo-1.4.0-150000.3.3.1

* vorbis-tools-debugsource-1.4.0-150000.3.3.1

* Desktop Applications Module 15-SP5 (noarch)

* vorbis-tools-lang-1.4.0-150000.3.3.1

* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64

x86_64)

* vorbis-tools-1.4.0-150000.3.3.1

* vorbis-tools-debuginfo-1.4.0-150000.3.3.1

* vorbis-tools-debugsource-1.4.0-150000.3.3.1

* SUSE Linux...

Read the Full Advisory

References

* bsc#1215942

## References:

* https://www.suse.com/security/cve/CVE-2023-43361.html

* https://bugzilla.suse.com/show_bug.cgi?id=1215942

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2023:4251-1
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow software update important update openSUSE vorbis-tools patch instructions

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here