openSUSE-SU-2023:0137-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2023:0137-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2023:0137-1
Upstream
Related
Published
2023-06-27T15:41:48Z
Modified
2026-02-04T03:14:12.131359Z
Summary
Security update for guile1, lilypond
Details

This update for guile1, lilypond fixes the following issues:

guile1:

  • Add service file to download release from git excluding the directory with commercial non free files.
  • Update to version 2.2.6 to enable lilypond to be updated to 2.24.1 to fix boo#1210502 and CVE-2020-17354.

lilypond:

  • Update to version lilypond-2.24.1 to fix boo#1210502 - CVE-2020-17354: lilypond: Lilypond allows attackers to bypass the -dsafe protection mechanism.
References

Affected packages

SUSE:Package Hub 15 SP4 / guile1

Package

Name
guile1
Purl
pkg:rpm/suse/guile1&distro=SUSE%20Package%20Hub%2015%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.6-bp154.3.3.1

Ecosystem specific 

{
    "binaries": [
        {
            "guile1": "2.2.6-bp154.3.3.1",
            "libguile1-devel": "2.2.6-bp154.3.3.1",
            "lilypond": "2.24.1-bp154.2.3.2",
            "lilypond-doc-nl": "2.24.1-bp154.2.3.2",
            "lilypond-doc-es": "2.24.1-bp154.2.3.2",
            "lilypond-doc-cs": "2.24.1-bp154.2.3.2",
            "lilypond-emmentaler-fonts": "2.24.1-bp154.2.3.2",
            "lilypond-doc-fr": "2.24.1-bp154.2.3.2",
            "lilypond-doc-de": "2.24.1-bp154.2.3.2",
            "lilypond-doc-ja": "2.24.1-bp154.2.3.2",
            "lilypond-doc-zh": "2.24.1-bp154.2.3.2",
            "lilypond-doc": "2.24.1-bp154.2.3.2",
            "libguile-2_2-1": "2.2.6-bp154.3.3.1",
            "lilypond-doc-it": "2.24.1-bp154.2.3.2",
            "lilypond-fonts-common": "2.24.1-bp154.2.3.2",
            "guile1-modules-2_2": "2.2.6-bp154.3.3.1",
            "lilypond-doc-hu": "2.24.1-bp154.2.3.2"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2023:0137-1.json"

SUSE:Package Hub 15 SP4 / lilypond

Package

Name
lilypond
Purl
pkg:rpm/suse/lilypond&distro=SUSE%20Package%20Hub%2015%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.24.1-bp154.2.3.2

Ecosystem specific 

{
    "binaries": [
        {
            "guile1": "2.2.6-bp154.3.3.1",
            "libguile1-devel": "2.2.6-bp154.3.3.1",
            "lilypond": "2.24.1-bp154.2.3.2",
            "lilypond-doc-nl": "2.24.1-bp154.2.3.2",
            "lilypond-doc-es": "2.24.1-bp154.2.3.2",
            "lilypond-doc-cs": "2.24.1-bp154.2.3.2",
            "lilypond-emmentaler-fonts": "2.24.1-bp154.2.3.2",
            "lilypond-doc-fr": "2.24.1-bp154.2.3.2",
            "lilypond-doc-de": "2.24.1-bp154.2.3.2",
            "lilypond-doc-ja": "2.24.1-bp154.2.3.2",
            "lilypond-doc-zh": "2.24.1-bp154.2.3.2",
            "lilypond-doc": "2.24.1-bp154.2.3.2",
            "libguile-2_2-1": "2.2.6-bp154.3.3.1",
            "lilypond-doc-it": "2.24.1-bp154.2.3.2",
            "lilypond-fonts-common": "2.24.1-bp154.2.3.2",
            "guile1-modules-2_2": "2.2.6-bp154.3.3.1",
            "lilypond-doc-hu": "2.24.1-bp154.2.3.2"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2023:0137-1.json"

openSUSE:Leap 15.4 / guile1

Package

Name
guile1
Purl
pkg:rpm/opensuse/guile1&distro=openSUSE%20Leap%2015.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.6-bp154.3.3.1

Ecosystem specific 

{
    "binaries": [
        {
            "guile1": "2.2.6-bp154.3.3.1",
            "libguile1-devel": "2.2.6-bp154.3.3.1",
            "lilypond": "2.24.1-bp154.2.3.2",
            "lilypond-doc-nl": "2.24.1-bp154.2.3.2",
            "lilypond-doc-es": "2.24.1-bp154.2.3.2",
            "lilypond-doc-cs": "2.24.1-bp154.2.3.2",
            "lilypond-emmentaler-fonts": "2.24.1-bp154.2.3.2",
            "lilypond-doc-fr": "2.24.1-bp154.2.3.2",
            "lilypond-doc-de": "2.24.1-bp154.2.3.2",
            "lilypond-doc-ja": "2.24.1-bp154.2.3.2",
            "lilypond-doc-zh": "2.24.1-bp154.2.3.2",
            "lilypond-doc": "2.24.1-bp154.2.3.2",
            "libguile-2_2-1": "2.2.6-bp154.3.3.1",
            "lilypond-doc-it": "2.24.1-bp154.2.3.2",
            "lilypond-fonts-common": "2.24.1-bp154.2.3.2",
            "guile1-modules-2_2": "2.2.6-bp154.3.3.1",
            "lilypond-doc-hu": "2.24.1-bp154.2.3.2"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2023:0137-1.json"

openSUSE:Leap 15.4 / lilypond

Package

Name
lilypond
Purl
pkg:rpm/opensuse/lilypond&distro=openSUSE%20Leap%2015.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.24.1-bp154.2.3.2

Ecosystem specific 

{
    "binaries": [
        {
            "guile1": "2.2.6-bp154.3.3.1",
            "libguile1-devel": "2.2.6-bp154.3.3.1",
            "lilypond": "2.24.1-bp154.2.3.2",
            "lilypond-doc-nl": "2.24.1-bp154.2.3.2",
            "lilypond-doc-es": "2.24.1-bp154.2.3.2",
            "lilypond-doc-cs": "2.24.1-bp154.2.3.2",
            "lilypond-emmentaler-fonts": "2.24.1-bp154.2.3.2",
            "lilypond-doc-fr": "2.24.1-bp154.2.3.2",
            "lilypond-doc-de": "2.24.1-bp154.2.3.2",
            "lilypond-doc-ja": "2.24.1-bp154.2.3.2",
            "lilypond-doc-zh": "2.24.1-bp154.2.3.2",
            "lilypond-doc": "2.24.1-bp154.2.3.2",
            "libguile-2_2-1": "2.2.6-bp154.3.3.1",
            "lilypond-doc-it": "2.24.1-bp154.2.3.2",
            "lilypond-fonts-common": "2.24.1-bp154.2.3.2",
            "guile1-modules-2_2": "2.2.6-bp154.3.3.1",
            "lilypond-doc-hu": "2.24.1-bp154.2.3.2"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2023:0137-1.json"