Detections
Analytics

openSUSE Security Update : libmodplug (openSUSE-2018-306)

medium Nessus Plugin ID 108633

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for libmodplug fixes the following issues :

Several security and non security issues where fixed :

 - Update to version 0.8.9.0+git20170610.f6dd59a boo#1022032 :

 - PSM: add missing line to commit

 - ABC: prevent possible increment of p past end

 - ABC: ensure read pointer is valid before incrementing

 - ABC: terminate early when things don't work in substitute

 - OKT: add one more bound check

 - FAR: out by one on check

 - ABC: 10 digit ints require null termination

 - PSM: make sure reads occur of only valid ins

 - ABC: cleanup tracks correctly.

 - WAV: check that there is space for both headers

 - OKT: ensure file size is enough to contain data

 - ABC: initialize earlier

 - ABC: ensure array access is bounded correctly.

 - ABC: clean up loop exiting code

 - ABC: avoid possibility of incrementing *p

 - ABC: abort early if macro would be blank

 - ABC: Use blankline more often

 - ABC: Ensure for loop does not increment past end of loop

 - Initialize nPatterns to 0 earlier

 - Check memory position isn't over the memory length

 - ABC: transpose only needs to look at notes (<26)

 - Spelling fixes

 - Bump version number to 0.8.9.0

 - MMCMP: Check that end pointer is within the file size

 - WAV: ensure integer doesn't overflow

 - XM: additional mempos check

 - sndmix: Don't process row if its empty.

 - snd_fx: dont include patterns of zero size in length calc

 - MT2,AMF: prevent OOB reads

Solution

Update the affected libmodplug packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1022032

Plugin Details

Severity: Medium

ID: 108633

File Name: openSUSE-2018-306.nasl

Version: 1.3

Type: Local

Agent: unix

Published: 3/27/2018

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Vulnerability Information

CPE: cpe:/o:novell:opensuse:42.3, p-cpe:/a:novell:opensuse:libmodplug-devel, p-cpe:/a:novell:opensuse:libmodplug1, p-cpe:/a:novell:opensuse:libmodplug1-32bit, p-cpe:/a:novell:opensuse:libmodplug-debugsource, p-cpe:/a:novell:opensuse:libmodplug1-debuginfo, p-cpe:/a:novell:opensuse:libmodplug1-debuginfo-32bit

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 3/23/2018