Bug 1137828 - (CVE-2018-19800) VUL-0: CVE-2018-19800: aubio: Buffer Overflow
(CVE-2018-19800)
VUL-0: CVE-2018-19800: aubio: Buffer Overflow
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Other
Leap 15.1
Other Other
: P3 - Medium : Normal (vote)
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/234585/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-06-11 08:03 UTC by Alexander Bergmann
Modified: 2019-07-03 08:28 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Takashi Iwai 2019-06-12 14:15:20 UTC
Again, there is no information at all...

A possible match in the commit is b1559f4c9ce2b304d8d27ffdc7128b6795ca82e5
    [tempo] fix buffer overflow in method parser
Comment 2 Takashi Iwai 2019-06-12 14:43:23 UTC
The fix is submitted to Leap 42.3, Leap 15.0 and Leap 15.1.
Reassigned back to security team.
Comment 3 Swamp Workflow Management 2019-06-12 15:50:35 UTC
This is an autogenerated message for OBS integration:
This bug (1137828) was mentioned in
https://build.opensuse.org/request/show/709475 15.0 / aubio
https://build.opensuse.org/request/show/709476 15.1 / aubio
https://build.opensuse.org/request/show/709513 42.3 / aubio
Comment 4 Swamp Workflow Management 2019-06-24 19:11:32 UTC
openSUSE-SU-2019:1618-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1137822,1137823,1137828
CVE References: CVE-2018-19800,CVE-2018-19801,CVE-2018-19802
Sources used:
openSUSE Leap 42.3 (src):    aubio-0.4.1-9.13.1
openSUSE Leap 15.1 (src):    aubio-0.4.6-lp151.6.3.1, python-aubio-0.4.6-lp151.6.3.1
openSUSE Leap 15.0 (src):    aubio-0.4.6-lp150.3.10.1, python-aubio-0.4.6-lp150.3.10.1
Comment 5 Swamp Workflow Management 2019-06-25 13:12:18 UTC
openSUSE-SU-2019:1624-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1137822,1137823,1137828
CVE References: CVE-2018-19800,CVE-2018-19801,CVE-2018-19802
Sources used:
openSUSE Backports SLE-15 (src):    aubio-0.4.6-bp150.3.12.1, python-aubio-0.4.6-bp150.3.12.1
Comment 6 Marcus Meissner 2019-07-03 08:28:07 UTC
relreased