openSUSE-SU-2023:0137-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2023:0137-1.json

JSON Data

https://api.osv.dev/v1/vulns/openSUSE-SU-2023:0137-1

Related

Published

2023-06-27T15:41:48Z

Modified

2023-06-27T15:41:48Z

Summary

Security update for guile1, lilypond

Details

This update for guile1, lilypond fixes the following issues:

guile1:

Add service file to download release from git excluding the directory with commercial non free files.
Update to version 2.2.6 to enable lilypond to be updated to 2.24.1 to fix boo#1210502 and CVE-2020-17354.

lilypond:

Update to version lilypond-2.24.1 to fix boo#1210502 - CVE-2020-17354: lilypond: Lilypond allows attackers to bypass the -dsafe protection mechanism.

References

Affected packages

SUSE:Package Hub 15 SP4 / guile1

Package

Name: guile1
Purl: pkg:rpm/suse/guile1&distro=SUSE%20Package%20Hub%2015%20SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.6-bp154.3.3.1

Ecosystem specific

{
    "binaries": [
        {
            "lilypond-doc-ja": "2.24.1-bp154.2.3.2",
            "lilypond-doc-cs": "2.24.1-bp154.2.3.2",
            "lilypond-doc-hu": "2.24.1-bp154.2.3.2",
            "lilypond-doc-nl": "2.24.1-bp154.2.3.2",
            "lilypond-doc-es": "2.24.1-bp154.2.3.2",
            "libguile1-devel": "2.2.6-bp154.3.3.1",
            "lilypond-emmentaler-fonts": "2.24.1-bp154.2.3.2",
            "lilypond-doc": "2.24.1-bp154.2.3.2",
            "lilypond-doc-fr": "2.24.1-bp154.2.3.2",
            "lilypond-doc-de": "2.24.1-bp154.2.3.2",
            "lilypond-fonts-common": "2.24.1-bp154.2.3.2",
            "lilypond": "2.24.1-bp154.2.3.2",
            "lilypond-doc-it": "2.24.1-bp154.2.3.2",
            "guile1": "2.2.6-bp154.3.3.1",
            "libguile-2_2-1": "2.2.6-bp154.3.3.1",
            "guile1-modules-2_2": "2.2.6-bp154.3.3.1",
            "lilypond-doc-zh": "2.24.1-bp154.2.3.2"
        }
    ]
}

SUSE:Package Hub 15 SP4 / lilypond

Package

Name: lilypond
Purl: pkg:rpm/suse/lilypond&distro=SUSE%20Package%20Hub%2015%20SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.24.1-bp154.2.3.2

Ecosystem specific

{
    "binaries": [
        {
            "lilypond-doc-ja": "2.24.1-bp154.2.3.2",
            "lilypond-doc-cs": "2.24.1-bp154.2.3.2",
            "lilypond-doc-hu": "2.24.1-bp154.2.3.2",
            "lilypond-doc-nl": "2.24.1-bp154.2.3.2",
            "lilypond-doc-es": "2.24.1-bp154.2.3.2",
            "libguile1-devel": "2.2.6-bp154.3.3.1",
            "lilypond-emmentaler-fonts": "2.24.1-bp154.2.3.2",
            "lilypond-doc": "2.24.1-bp154.2.3.2",
            "lilypond-doc-fr": "2.24.1-bp154.2.3.2",
            "lilypond-doc-de": "2.24.1-bp154.2.3.2",
            "lilypond-fonts-common": "2.24.1-bp154.2.3.2",
            "lilypond": "2.24.1-bp154.2.3.2",
            "lilypond-doc-it": "2.24.1-bp154.2.3.2",
            "guile1": "2.2.6-bp154.3.3.1",
            "libguile-2_2-1": "2.2.6-bp154.3.3.1",
            "guile1-modules-2_2": "2.2.6-bp154.3.3.1",
            "lilypond-doc-zh": "2.24.1-bp154.2.3.2"
        }
    ]
}

openSUSE:Leap 15.4 / guile1

Package

Name: guile1
Purl: pkg:rpm/opensuse/guile1&distro=openSUSE%20Leap%2015.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.6-bp154.3.3.1

Ecosystem specific

{
    "binaries": [
        {
            "lilypond-doc-ja": "2.24.1-bp154.2.3.2",
            "lilypond-doc-cs": "2.24.1-bp154.2.3.2",
            "lilypond-doc-hu": "2.24.1-bp154.2.3.2",
            "lilypond-doc-nl": "2.24.1-bp154.2.3.2",
            "lilypond-doc-es": "2.24.1-bp154.2.3.2",
            "libguile1-devel": "2.2.6-bp154.3.3.1",
            "lilypond-emmentaler-fonts": "2.24.1-bp154.2.3.2",
            "lilypond-doc": "2.24.1-bp154.2.3.2",
            "lilypond-doc-fr": "2.24.1-bp154.2.3.2",
            "lilypond-doc-de": "2.24.1-bp154.2.3.2",
            "lilypond-fonts-common": "2.24.1-bp154.2.3.2",
            "lilypond": "2.24.1-bp154.2.3.2",
            "lilypond-doc-it": "2.24.1-bp154.2.3.2",
            "guile1": "2.2.6-bp154.3.3.1",
            "libguile-2_2-1": "2.2.6-bp154.3.3.1",
            "guile1-modules-2_2": "2.2.6-bp154.3.3.1",
            "lilypond-doc-zh": "2.24.1-bp154.2.3.2"
        }
    ]
}

openSUSE:Leap 15.4 / lilypond

Package

Name: lilypond
Purl: pkg:rpm/opensuse/lilypond&distro=openSUSE%20Leap%2015.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.24.1-bp154.2.3.2

Ecosystem specific

{
    "binaries": [
        {
            "lilypond-doc-ja": "2.24.1-bp154.2.3.2",
            "lilypond-doc-cs": "2.24.1-bp154.2.3.2",
            "lilypond-doc-hu": "2.24.1-bp154.2.3.2",
            "lilypond-doc-nl": "2.24.1-bp154.2.3.2",
            "lilypond-doc-es": "2.24.1-bp154.2.3.2",
            "libguile1-devel": "2.2.6-bp154.3.3.1",
            "lilypond-emmentaler-fonts": "2.24.1-bp154.2.3.2",
            "lilypond-doc": "2.24.1-bp154.2.3.2",
            "lilypond-doc-fr": "2.24.1-bp154.2.3.2",
            "lilypond-doc-de": "2.24.1-bp154.2.3.2",
            "lilypond-fonts-common": "2.24.1-bp154.2.3.2",
            "lilypond": "2.24.1-bp154.2.3.2",
            "lilypond-doc-it": "2.24.1-bp154.2.3.2",
            "guile1": "2.2.6-bp154.3.3.1",
            "libguile-2_2-1": "2.2.6-bp154.3.3.1",
            "guile1-modules-2_2": "2.2.6-bp154.3.3.1",
            "lilypond-doc-zh": "2.24.1-bp154.2.3.2"
        }
    ]
}