libakai0-4.3.0-1.3 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10942 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libakai0-4.3.0-1.3 on GA media These are all security issues fixed in the libakai0-4.3.0-1.3 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10942 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:10942 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2017-12950/ SUSE CVE CVE-2017-12950 page https://www.suse.com/security/cve/CVE-2017-12954/ SUSE CVE CVE-2017-12954 page openSUSE Tumbleweed libakai0-4.3.0-1.3 libgig-devel-4.3.0-1.3 libgig-tools-4.3.0-1.3 libgig10-4.3.0-1.3 libakai0-4.3.0-1.3 as a component of openSUSE Tumbleweed libgig-devel-4.3.0-1.3 as a component of openSUSE Tumbleweed libgig-tools-4.3.0-1.3 as a component of openSUSE Tumbleweed libgig10-4.3.0-1.3 as a component of openSUSE Tumbleweed The gig::Region::Region function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file. CVE-2017-12950 openSUSE Tumbleweed:libakai0-4.3.0-1.3 openSUSE Tumbleweed:libgig-devel-4.3.0-1.3 openSUSE Tumbleweed:libgig-tools-4.3.0-1.3 openSUSE Tumbleweed:libgig10-4.3.0-1.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12950.html CVE-2017-12950 https://bugzilla.suse.com/1056143 SUSE Bug 1056143 The gig::Region::GetSampleFromWavePool function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted gig file. CVE-2017-12954 openSUSE Tumbleweed:libakai0-4.3.0-1.3 openSUSE Tumbleweed:libgig-devel-4.3.0-1.3 openSUSE Tumbleweed:libgig-tools-4.3.0-1.3 openSUSE Tumbleweed:libgig10-4.3.0-1.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12954.html CVE-2017-12954 https://bugzilla.suse.com/1056143 SUSE Bug 1056143