Security update for aubio SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:1624-1 Final 1 1 2019-06-25T08:10:25Z current 2019-06-25T08:10:25Z 2019-06-25T08:10:25Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for aubio This update for aubio fixes the following issues: Fixed security issues leading to buffer overflows or segfaults (CVE-2018-19800, boo#1137828, CVE-2018-19801, boo#1137822, CVE-2018-19802, boo#1137823): This update was imported from the openSUSE:Leap:15.0:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2019-1624 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2019-06/msg00067.html E-Mail link for openSUSE-SU-2019:1624-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1137822 SUSE Bug 1137822 https://bugzilla.suse.com/1137823 SUSE Bug 1137823 https://bugzilla.suse.com/1137828 SUSE Bug 1137828 https://www.suse.com/security/cve/CVE-2018-19800/ SUSE CVE CVE-2018-19800 page https://www.suse.com/security/cve/CVE-2018-19801/ SUSE CVE CVE-2018-19801 page https://www.suse.com/security/cve/CVE-2018-19802/ SUSE CVE CVE-2018-19802 page SUSE Package Hub 15 aubio-tools-0.4.6-bp150.3.12.1 libaubio-devel-0.4.6-bp150.3.12.1 libaubio5-0.4.6-bp150.3.12.1 python2-aubio-0.4.6-bp150.3.12.1 python3-aubio-0.4.6-bp150.3.12.1 aubio-tools-0.4.6-bp150.3.12.1 as a component of SUSE Package Hub 15 libaubio-devel-0.4.6-bp150.3.12.1 as a component of SUSE Package Hub 15 libaubio5-0.4.6-bp150.3.12.1 as a component of SUSE Package Hub 15 python2-aubio-0.4.6-bp150.3.12.1 as a component of SUSE Package Hub 15 python3-aubio-0.4.6-bp150.3.12.1 as a component of SUSE Package Hub 15 aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo. CVE-2018-19800 SUSE Package Hub 15:aubio-tools-0.4.6-bp150.3.12.1 SUSE Package Hub 15:libaubio-devel-0.4.6-bp150.3.12.1 SUSE Package Hub 15:libaubio5-0.4.6-bp150.3.12.1 SUSE Package Hub 15:python2-aubio-0.4.6-bp150.3.12.1 SUSE Package Hub 15:python3-aubio-0.4.6-bp150.3.12.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-06/msg00067.html https://www.suse.com/security/cve/CVE-2018-19800.html CVE-2018-19800 https://bugzilla.suse.com/1137828 SUSE Bug 1137828 https://bugzilla.suse.com/1142436 SUSE Bug 1142436 aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in new_aubio_filterbank via invalid n_filters. CVE-2018-19801 SUSE Package Hub 15:aubio-tools-0.4.6-bp150.3.12.1 SUSE Package Hub 15:libaubio-devel-0.4.6-bp150.3.12.1 SUSE Package Hub 15:libaubio5-0.4.6-bp150.3.12.1 SUSE Package Hub 15:python2-aubio-0.4.6-bp150.3.12.1 SUSE Package Hub 15:python3-aubio-0.4.6-bp150.3.12.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-06/msg00067.html https://www.suse.com/security/cve/CVE-2018-19801.html CVE-2018-19801 https://bugzilla.suse.com/1137822 SUSE Bug 1137822 https://bugzilla.suse.com/1142433 SUSE Bug 1142433 aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference. CVE-2018-19802 SUSE Package Hub 15:aubio-tools-0.4.6-bp150.3.12.1 SUSE Package Hub 15:libaubio-devel-0.4.6-bp150.3.12.1 SUSE Package Hub 15:libaubio5-0.4.6-bp150.3.12.1 SUSE Package Hub 15:python2-aubio-0.4.6-bp150.3.12.1 SUSE Package Hub 15:python3-aubio-0.4.6-bp150.3.12.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-06/msg00067.html https://www.suse.com/security/cve/CVE-2018-19802.html CVE-2018-19802 https://bugzilla.suse.com/1137823 SUSE Bug 1137823