MilkyTracker could be made to crash or run programs as your login if it
opened a specially crafted file.
Software Description:
- milkytracker: music creation tool inspired by Fast Tracker 2
Details:
It was discovered that MilkyTracker did not properly handle certain input. If
a user were tricked into opening a malicious file, an attacker could cause
MilkyTracker to crash or potentially execute arbitrary code.
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: milkytracker 0.90.85+dfsg-2.2+deb8u1build0.16.04.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-4499-1
CVE-2019-14464, CVE-2019-14496, CVE-2019-14497
Get the latest Linux and open source security news straight to your inbox.