Source: soundtouch
Version: 1.9.2-1
Severity: normal
Tags: security upstream
Forwarded: https://gitlab.com/soundtouch/soundtouch/issues/7

Hi,

The following vulnerabilities were published for soundtouch, the
impact is negligible, but filling the bug to track any upstream move
on the upstream issue
https://gitlab.com/soundtouch/soundtouch/issues/7 .

CVE-2018-14044[0]:
| The RateTransposer::setChannels function in RateTransposer.cpp in
| libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote
| attackers to cause a denial of service (assertion failure and
| application exit), as demonstrated by SoundStretch.

CVE-2018-14045[1]:
| The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in
| libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote
| attackers to cause a denial of service (assertion failure and
| application exit), as demonstrated by SoundStretch.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-14044
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14044
[1] https://security-tracker.debian.org/tracker/CVE-2018-14045
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14045
[2] https://gitlab.com/soundtouch/soundtouch/issues/7

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Reply via email to