libopenmpt security updates 0.3.11, 0.2.10635-beta34, 0.2.7561-beta20.5-p10, 0.2.7386-beta20.3-p13

The OpenMPT/libopenmpt project released the latest stable libopenmpt version:

libopenmpt 0.3.11 (2018-07-28)

• [Sec] Crash with some malformed custom tunings in MPTM files (r10615). (CVE-2018-20861)

• Channels whose volume envelope was playing at volume 0 while being moved to a NNA background channel were cut off completely since libopenmpt 0.3.8.
• AMF (ASYLUM): Convert 7-bit panning to 8-bit panning for playback.

The changelog for older versions can be found at https://lib.openmpt.org/doc/changelog.html .

Source code download links:

• https://lib.openmpt.org/files/libopenmpt/src/libopenmpt-0.3.11+release.autotools.tar.gz
• https://lib.openmpt.org/files/libopenmpt/src/libopenmpt-0.3.11+release.makefile.tar.gz
• https://lib.openmpt.org/files/libopenmpt/src/libopenmpt-0.3.11+release.msvc.zip

Documentation and binary downloads can be found at the libopenmpt website at https://lib.openmpt.org/libopenmpt/.

---

The OpenMPT/libopenmpt project also released an update to the old libopenmpt 0.2 stable branch:

libopenmpt 0.2.10635-beta34 (2018-07-28)

• [Sec] Crash with some malformed custom tunings in MPTM files (r10616, r10617). (CVE-2018-20861)

• Channels whose volume envelope was playing at volume 0 while being moved to a NNA background channel were cut off completely since libopenmpt 0.2-beta31
• AMF (ASYLUM): Convert 7-bit panning to 8-bit panning for playback.

Source code download links:

• https://lib.openmpt.org/files/libopenmpt/src/libopenmpt-0.2.10635-beta34-autotools.tar.gz
• https://lib.openmpt.org/files/libopenmpt/src/libopenmpt-0.2.10635-beta34.tar.gz
• https://lib.openmpt.org/files/libopenmpt/src/libopenmpt-0.2.10635-beta34-windows.zip

---

The OpenMPT/libopenmpt project updated the following libopenmpt versions with security fixes:

libopenmpt-0.2.7561-beta20.5-p10 (2018-07-28)

• r10638: [Sec] Division by zero and integer overflow (MPTM). (CVE-2018-20861)

The following individual patches fix the mentioned issues (these patches must all be applied sequentially on top of the original libopenmpt-0.2.7561-beta20.5 source release):

• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7561-beta20.5/libopenmpt-0.2.7561-beta20.5-secfix-p1-theoretical-null-pointer-dereference-during-out-of-memory-while-error-handling.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7561-beta20.5/libopenmpt-0.2.7561-beta20.5-secfix-p2-excessive-cpu-consumption-on-malformed-files-ams.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7561-beta20.5/libopenmpt-0.2.7561-beta20.5-secfix-p3-invalid-memory-read-when-applying-nnas-to-effect-plugins.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7561-beta20.5/libopenmpt-0.2.7561-beta20.5-secfix-p4-race-condition-in-multi-threaded-use-it.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7561-beta20.5/libopenmpt-0.2.7561-beta20.5-secfix-p5-out-of-bounds-read-plm.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7561-beta20.5/libopenmpt-0.2.7561-beta20.5-secfix-p6-race-condition-in-multi-threaded-use-it-mod-dmf.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7561-beta20.5/libopenmpt-0.2.7561-beta20.5-secfix-p7-heap-buffer-overflow-in-sample-loading-from-malformed-files-psm.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7561-beta20.5/libopenmpt-0.2.7561-beta20.5-secfix-p8-out-of-bounds-read-it-itp-mo3.patch (already announced previously)

• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7561-beta20.5/libopenmpt-0.2.7561-beta20.5-secfix-p9-null-pointer-dereference-write-after-out-of-memory-ams.patch (already announced previously)

• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7561-beta20.5/libopenmpt-0.2.7561-beta20.5-secfix-p10-division-by-zero-and-integer-overflow-mptm.patch

libopenmpt-0.2.7386-beta20.3-p13 (2018-07-28)

• r10639: [Sec] Division by zero and integer overflow (MPTM). (CVE-2018-20861)

The following individual patches fix the mentioned issues (these patches must all be applied sequentially on top of the original libopenmpt-0.2.7386-beta20.3 source release):

• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7386-beta20.3/libopenmpt-0.2.7386-beta20.3-secfix-p1-division-by-zero-in-tempo-calculation.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7386-beta20.3/libopenmpt-0.2.7386-beta20.3-secfix-p2-infinite-loop-in-plugin-routing.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7386-beta20.3/libopenmpt-0.2.7386-beta20.3-secfix-p3-excessive-cpu-consumption-on-malformed-files-dmf-mdl.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7386-beta20.3/libopenmpt-0.2.7386-beta20.3-secfix-p4-theoretical-null-pointer-dereference-during-out-of-memory-while-error-handling.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7386-beta20.3/libopenmpt-0.2.7386-beta20.3-secfix-p5-excessive-cpu-consumption-on-malformed-files-ams.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7386-beta20.3/libopenmpt-0.2.7386-beta20.3-secfix-p6-invalid-memory-read-when-applying-nnas-to-effect-plugins.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7386-beta20.3/libopenmpt-0.2.7386-beta20.3-secfix-p7-race-condition-in-multi-threaded-use-it.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7386-beta20.3/libopenmpt-0.2.7386-beta20.3-secfix-p8-out-of-bounds-read-plm.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7386-beta20.3/libopenmpt-0.2.7386-beta20.3-secfix-p9-race-condition-in-multi-threaded-use-it-mod-dmf.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7386-beta20.3/libopenmpt-0.2.7386-beta20.3-secfix-p10-heap-buffer-overflow-in-sample-loading-from-malformed-files-psm.patch (already announced previously)
• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7386-beta20.3/libopenmpt-0.2.7386-beta20.3-secfix-p11-out-of-bounds-read-it-itp-mo3.patch (already announced previously)

• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7386-beta20.3/libopenmpt-0.2.7386-beta20.3-secfix-p12-null-pointer-dereference-write-after-out-of-memory-ams.patch (already announced previously)

• https://lib.openmpt.org/files/libopenmpt/secfix/libopenmpt-0.2.7386-beta20.3/libopenmpt-0.2.7386-beta20.3-secfix-p13-division-by-zero-and-integer-overflow-mptm.patch

---

The following libopenmpt versions are currently supported with security fixes by the OpenMPT/libopenmpt project:

• 0.3.11
  • Current stable version.
  • Receives security updates.
  • Receives minor playback fixes.
• 0.2.10635-beta34
  • Old stable version.
  • Receives security updates.
  • Receives trivial bug fixes.
• 0.2.7561-beta20.5-p10
  • Older stable version which is supported on Unix-like systems only.
  • Receives only security fixes.
• 0.2.7386-beta20.3-p13
  • Older stable version which is supported on Unix-like systems only.
  • Receives only security fixes.
• 0.4 (SVN trunk)
  • development
  • security updates
  • playback fixes
  • new features
  • new file formats

Please update to the newest versions.