{"affected":[{"ecosystem_specific":{"binaries":[{"audiofile":"0.3.6-11.10.1","audiofile-devel":"0.3.6-11.10.1","libaudiofile1":"0.3.6-11.10.1","libaudiofile1-32bit":"0.3.6-11.10.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server LTSS Extended Security 12 SP5","name":"audiofile","purl":"pkg:rpm/suse/audiofile&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.3.6-11.10.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for audiofile fixes the following issues:\n\n- CVE-2019-13147: Do not allow too many channel to prevent NULL pointer dereference (bsc#1140031).\n- CVE-2022-24599: Clear buffer when allocating (bsc#1196487).\n","id":"SUSE-SU-2025:02283-1","modified":"2025-07-11T08:35:16Z","published":"2025-07-11T08:35:16Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202502283-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1140031"},{"type":"REPORT","url":"https://bugzilla.suse.com/1196487"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13147"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-24599"}],"related":["CVE-2019-13147","CVE-2022-24599"],"summary":"Security update for audiofile","upstream":["CVE-2019-13147","CVE-2022-24599"]}