9088 important openSUSE Leap 42.3 Update ports This update for soundtouch fixes the following issues: - CVE-2018-17098: The WavFileBase class allowed remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified other impact, as demonstrated by SoundStretch. (bsc#1108632) - CVE-2018-17097: The WavFileBase class allowed remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by SoundStretch. (double free) (bsc#1108631) - CVE-2018-17096: The BPMDetect class allowed remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. (bsc#1108630) - CVE-2018-1000223: soundtouch contained a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility. (boo#1103676) libSoundTouch0-1.8.0-6.3.1.ppc64le.rpm libSoundTouch0-debuginfo-1.8.0-6.3.1.ppc64le.rpm soundtouch-1.8.0-6.3.1.ppc64le.rpm soundtouch-1.8.0-6.3.1.src.rpm soundtouch-debuginfo-1.8.0-6.3.1.ppc64le.rpm soundtouch-debugsource-1.8.0-6.3.1.ppc64le.rpm soundtouch-devel-1.8.0-6.3.1.ppc64le.rpm libSoundTouch0-1.8.0-6.3.1.aarch64.rpm libSoundTouch0-64bit-1.8.0-6.3.1.aarch64_ilp32.rpm libSoundTouch0-debuginfo-1.8.0-6.3.1.aarch64.rpm libSoundTouch0-debuginfo-64bit-1.8.0-6.3.1.aarch64_ilp32.rpm soundtouch-1.8.0-6.3.1.aarch64.rpm soundtouch-debuginfo-1.8.0-6.3.1.aarch64.rpm soundtouch-debugsource-1.8.0-6.3.1.aarch64.rpm soundtouch-devel-1.8.0-6.3.1.aarch64.rpm libSoundTouch0-1.8.0-6.3.1.armv7hl.rpm libSoundTouch0-debuginfo-1.8.0-6.3.1.armv7hl.rpm soundtouch-1.8.0-6.3.1.armv7hl.rpm soundtouch-debuginfo-1.8.0-6.3.1.armv7hl.rpm soundtouch-debugsource-1.8.0-6.3.1.armv7hl.rpm soundtouch-devel-1.8.0-6.3.1.armv7hl.rpm