Source: milkytracker Version: 1.02.00+dfsg-1 Severity: important Tags: security upstream
Hi, The following vulnerabilities were published for milkytracker. CVE-2019-14464[0]: | XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a | heap-based buffer overflow. CVE-2019-14496[1]: | LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 | has a stack-based buffer overflow. CVE-2019-14497[2]: | ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in | MilkyTracker 1.02.00 has a heap-based buffer overflow. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-14464 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14464 [1] https://security-tracker.debian.org/tracker/CVE-2019-14496 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14496 [2] https://security-tracker.debian.org/tracker/CVE-2019-14497 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14497 Regards, Salvatore
