MGASA-2018-0300

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2018-0300.html

Import Source

https://advisories.mageia.org/MGASA-2018-0300.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2018-0300

Related

CVE-2018-11439

Published

2018-07-01T17:17:14Z

Modified

2018-07-01T16:39:46Z

Summary

Updated taglib packages fix security vulnerability

Details

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. (CVE-2018-11439)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / taglib

Package

Name: taglib
Purl: pkg:rpm/mageia/taglib?arch=source&distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.9.1-4.1.mga5

Ecosystem specific

{
    "section": "core"
}

Mageia:6 / taglib

Package

Name: taglib
Purl: pkg:rpm/mageia/taglib?arch=source&distro=mageia-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.1-1.2.mga6

Ecosystem specific

{
    "section": "core"
}