http://bugzilla.opensuse.org/show_bug.cgi?id=1082274 Bug ID: 1082274 Summary: VUL-0: CVE-2017-12911: mp3gain: stack memory corruption when opening a crafted MP3 file Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.3 Hardware: Other URL: https://smash.suse.de/issue/200624/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: aloisio@gmx.com Reporter: abergmann@suse.com QA Contact: security-team@suse.de Found By: Security Response Team Blocker: --- CVE-2017-12911 The "apetag.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a stack memory corruption when opening a crafted MP3 file. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12911 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12911 -- You are receiving this mail because: You are on the CC list for the bug.