OESA-2023-1062

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1062

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2023-1062.json

JSON Data

https://api.osv.dev/v1/vulns/OESA-2023-1062

Upstream

CVE-2022-47021

Published

2023-02-03T11:04:51Z

Modified

2025-09-03T06:18:37.878974Z

Summary

opusfile security update

Details

The opusfile library provides seeking, decode, and playback of Opus streams in the Ogg container (.opus files) including over http(s) on posix and windows systems. opusfile depends on libopus and libogg.The included opusurl library for http(s) access depends on opusfile and openssl.

Security Fix(es):

A null pointer dereference issue was discovered in functions opgetdata and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts.(CVE-2022-47021)

Database specific

{
    "severity": "High"
}

References

Affected packages

openEuler:20.03-LTS-SP1 / opusfile

Package

Name: opusfile
Purl: pkg:rpm/openEuler/opusfile&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.11-4.oe1

Ecosystem specific

{
    "x86_64": [
        "opusfile-debuginfo-0.11-4.oe1.x86_64.rpm",
        "opusfile-0.11-4.oe1.x86_64.rpm",
        "opusfile-devel-0.11-4.oe1.x86_64.rpm",
        "opusfile-debugsource-0.11-4.oe1.x86_64.rpm"
    ],
    "aarch64": [
        "opusfile-debuginfo-0.11-4.oe1.aarch64.rpm",
        "opusfile-0.11-4.oe1.aarch64.rpm",
        "opusfile-devel-0.11-4.oe1.aarch64.rpm",
        "opusfile-debugsource-0.11-4.oe1.aarch64.rpm"
    ],
    "src": [
        "opusfile-0.11-4.oe1.src.rpm"
    ]
}

openEuler:20.03-LTS-SP3 / opusfile

Package

Name: opusfile
Purl: pkg:rpm/openEuler/opusfile&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.11-7.oe1

Ecosystem specific

{
    "x86_64": [
        "opusfile-debuginfo-0.11-7.oe1.x86_64.rpm",
        "opusfile-debugsource-0.11-7.oe1.x86_64.rpm",
        "opusfile-0.11-7.oe1.x86_64.rpm",
        "opusfile-devel-0.11-7.oe1.x86_64.rpm"
    ],
    "aarch64": [
        "opusfile-devel-0.11-7.oe1.aarch64.rpm",
        "opusfile-debuginfo-0.11-7.oe1.aarch64.rpm",
        "opusfile-0.11-7.oe1.aarch64.rpm",
        "opusfile-debugsource-0.11-7.oe1.aarch64.rpm"
    ],
    "src": [
        "opusfile-0.11-7.oe1.src.rpm"
    ]
}

openEuler:22.03-LTS / opusfile

Package

Name: opusfile
Purl: pkg:rpm/openEuler/opusfile&distro=openEuler-22.03-LTS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.11-5.oe2203sp1

Ecosystem specific

{
    "x86_64": [
        "opusfile-debugsource-0.11-5.oe2203.x86_64.rpm",
        "opusfile-devel-0.11-5.oe2203.x86_64.rpm",
        "opusfile-debuginfo-0.11-5.oe2203.x86_64.rpm",
        "opusfile-0.11-5.oe2203.x86_64.rpm",
        "opusfile-debugsource-0.11-5.oe2203sp1.x86_64.rpm",
        "opusfile-debuginfo-0.11-5.oe2203sp1.x86_64.rpm",
        "opusfile-devel-0.11-5.oe2203sp1.x86_64.rpm",
        "opusfile-0.11-5.oe2203sp1.x86_64.rpm"
    ],
    "aarch64": [
        "opusfile-0.11-5.oe2203.aarch64.rpm",
        "opusfile-debugsource-0.11-5.oe2203.aarch64.rpm",
        "opusfile-debuginfo-0.11-5.oe2203.aarch64.rpm",
        "opusfile-devel-0.11-5.oe2203.aarch64.rpm",
        "opusfile-0.11-5.oe2203sp1.aarch64.rpm",
        "opusfile-devel-0.11-5.oe2203sp1.aarch64.rpm",
        "opusfile-debuginfo-0.11-5.oe2203sp1.aarch64.rpm",
        "opusfile-debugsource-0.11-5.oe2203sp1.aarch64.rpm"
    ],
    "src": [
        "opusfile-0.11-5.oe2203.src.rpm",
        "opusfile-0.11-5.oe2203sp1.src.rpm"
    ]
}

openEuler:22.03-LTS-SP1 / opusfile

Package

Name: opusfile
Purl: pkg:rpm/openEuler/opusfile&distro=openEuler-22.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.11-5.oe2203sp1

Ecosystem specific

{
    "x86_64": [
        "opusfile-debugsource-0.11-5.oe2203sp1.x86_64.rpm",
        "opusfile-debuginfo-0.11-5.oe2203sp1.x86_64.rpm",
        "opusfile-devel-0.11-5.oe2203sp1.x86_64.rpm",
        "opusfile-0.11-5.oe2203sp1.x86_64.rpm"
    ],
    "aarch64": [
        "opusfile-0.11-5.oe2203sp1.aarch64.rpm",
        "opusfile-devel-0.11-5.oe2203sp1.aarch64.rpm",
        "opusfile-debuginfo-0.11-5.oe2203sp1.aarch64.rpm",
        "opusfile-debugsource-0.11-5.oe2203sp1.aarch64.rpm"
    ],
    "src": [
        "opusfile-0.11-5.oe2203sp1.src.rpm"
    ]
}