9088 important openSUSE Leap 42.3 Update This update for soundtouch fixes the following issues: - CVE-2018-17098: The WavFileBase class allowed remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified other impact, as demonstrated by SoundStretch. (bsc#1108632) - CVE-2018-17097: The WavFileBase class allowed remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by SoundStretch. (double free) (bsc#1108631) - CVE-2018-17096: The BPMDetect class allowed remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. (bsc#1108630) - CVE-2018-1000223: soundtouch contained a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility. (boo#1103676) libSoundTouch0-1.8.0-6.3.1.i586.rpm libSoundTouch0-32bit-1.8.0-6.3.1.x86_64.rpm libSoundTouch0-debuginfo-1.8.0-6.3.1.i586.rpm libSoundTouch0-debuginfo-32bit-1.8.0-6.3.1.x86_64.rpm soundtouch-1.8.0-6.3.1.i586.rpm soundtouch-1.8.0-6.3.1.src.rpm soundtouch-debuginfo-1.8.0-6.3.1.i586.rpm soundtouch-debugsource-1.8.0-6.3.1.i586.rpm soundtouch-devel-1.8.0-6.3.1.i586.rpm libSoundTouch0-1.8.0-6.3.1.x86_64.rpm libSoundTouch0-debuginfo-1.8.0-6.3.1.x86_64.rpm soundtouch-1.8.0-6.3.1.x86_64.rpm soundtouch-debuginfo-1.8.0-6.3.1.x86_64.rpm soundtouch-debugsource-1.8.0-6.3.1.x86_64.rpm soundtouch-devel-1.8.0-6.3.1.x86_64.rpm