{"affected":[{"ecosystem_specific":{"binaries":[{"schismtracker":"20190805-bp151.4.3.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15","name":"schismtracker","purl":"pkg:rpm/suse/schismtracker&distro=SUSE%20Package%20Hub%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20190805-bp151.4.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"schismtracker":"20190805-bp151.4.3.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP1","name":"schismtracker","purl":"pkg:rpm/suse/schismtracker&distro=SUSE%20Package%20Hub%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20190805-bp151.4.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for schismtracker fixes the following issues:\n\nThe following security issues were fixed:\n\n- CVE-2019-14523: Fixed an integer underflow in the Amiga Oktalyzer parser (boo#1144266).\n- CVE-2019-14524: Fixed a heap overflow in the MTM loader (boo#1144261).\n\nThe following non-security issues were fixed:\n\n- Support 15-channel MOD files.\n- Support undocumented MIDI macro characters, and support character p (MIDI program) properly.\n\nThis update was imported from the openSUSE:Leap:15.0:Update update project.","id":"openSUSE-SU-2019:2019-1","modified":"2019-08-28T22:20:58Z","published":"2019-08-28T22:20:58Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CHZPZB4XULFUEZOBQCJ3IEETUGKGKJIS/#CHZPZB4XULFUEZOBQCJ3IEETUGKGKJIS"},{"type":"REPORT","url":"https://bugzilla.suse.com/1144261"},{"type":"REPORT","url":"https://bugzilla.suse.com/1144266"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-14523"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-14524"}],"related":["CVE-2019-14523","CVE-2019-14524"],"summary":"Security update for schismtracker","upstream":["CVE-2019-14523","CVE-2019-14524"]}