These are all security issues fixed in the libmodplug-devel-0.8.8.5-4.9 package on the GA media of openSUSE Tumbleweed.