{"affected":[{"ecosystem_specific":{"binaries":[{"stb-devel":"20240910-bp156.2.3.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP6","name":"stb","purl":"pkg:rpm/suse/stb&distro=SUSE%20Package%20Hub%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20240910-bp156.2.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"stb-devel":"20240910-bp156.2.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"stb","purl":"pkg:rpm/opensuse/stb&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20240910-bp156.2.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for stb fixes the following issues:\n\nAddressing the follow security issues (boo#1216478):\n\n* CVE-2019-13217: heap buffer overflow in start_decoder()\n* CVE-2019-13218: stack buffer overflow in compute_codewords()\n* CVE-2019-13219: uninitialized memory in vorbis_decode_packet_rest()\n* CVE-2019-13220: out-of-range read in draw_line()\n* CVE-2019-13221: issue with large 1D codebooks in lookup1_values()\n* CVE-2019-13222: unchecked NULL returned by get_window()\n* CVE-2019-13223: division by zero in predict_point()\n","id":"openSUSE-SU-2025:0039-1","modified":"2025-01-31T15:01:17Z","published":"2025-01-31T15:01:17Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PZDT6XNDTXL5IKK6DIS36QIONKMQA3A4/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216478"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13217"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13218"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13219"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13220"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13221"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13222"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-13223"}],"related":["CVE-2019-13217","CVE-2019-13218","CVE-2019-13219","CVE-2019-13220","CVE-2019-13221","CVE-2019-13222","CVE-2019-13223"],"summary":"Security update for stb","upstream":["CVE-2019-13217","CVE-2019-13218","CVE-2019-13219","CVE-2019-13220","CVE-2019-13221","CVE-2019-13222","CVE-2019-13223"]}