openSUSE-SU-2025:0039-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2025:0039-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2025:0039-1
Related
Published
2025-01-31T15:01:17Z
Modified
2025-01-31T15:01:17Z
Summary
Security update for stb
Details

This update for stb fixes the following issues:

Addressing the follow security issues (boo#1216478):

  • CVE-2019-13217: heap buffer overflow in start_decoder()
  • CVE-2019-13218: stack buffer overflow in compute_codewords()
  • CVE-2019-13219: uninitialized memory in vorbisdecodepacket_rest()
  • CVE-2019-13220: out-of-range read in draw_line()
  • CVE-2019-13221: issue with large 1D codebooks in lookup1_values()
  • CVE-2019-13222: unchecked NULL returned by get_window()
  • CVE-2019-13223: division by zero in predict_point()
References

Affected packages

SUSE:Package Hub 15 SP6 / stb

Package

Name
stb
Purl
pkg:rpm/suse/stb&distro=SUSE%20Package%20Hub%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
20240910-bp156.2.3.1

Ecosystem specific

{
    "binaries": [
        {
            "stb-devel": "20240910-bp156.2.3.1"
        }
    ]
}

openSUSE:Leap 15.6 / stb

Package

Name
stb
Purl
pkg:rpm/opensuse/stb&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
20240910-bp156.2.3.1

Ecosystem specific

{
    "binaries": [
        {
            "stb-devel": "20240910-bp156.2.3.1"
        }
    ]
}