libopenmpt and openmpt123 - libopenmpt security update 0.7.8, releases 0.6.17, 0.5.31, 0.4.43

The OpenMPT/libopenmpt project released the latest stable libopenmpt version:

libopenmpt 0.7.8 (2024-06-09)

[Sec] Potential heap out-of-bounds read with malformed Dynamic Studio DSm files (r20912).
MED: Additional command pages can now be read.
MED: Echo DSP is now emulated.
AMS: Default channel panning was broken, using all-center panning instead of MOD-style panning.
STP: Correctly import volume slides where both nibbles are set.
MDL: Pitch slide depth was wrong since libopenmpt 0.6.0.
DTM: Fix pitch slide depth for samples with finetune.
DSm: Don’t import as Amiga module (and thus allow Amiga resampler to be enabled), as this PC format can easily exceed the Amiga frequency range.
DSm: Only the first 48 samples were ever read.
STM / STX: Don’t set channel panning. ScreamTracker 2 only outputs mono sound.
PSM: File header probing was stricter than actual file loader, rejecting manipulated files that would otherwise load fine.

The changelog for older versions can be found at https://lib.openmpt.org/doc/changelog.html .

Source code download links:

Binary download links:

Development library download links:

Documentation download links:

The security issue fixed in libopenmpt 0.7 does not affect the earlier libopenmpt 0.6, 0.5, 0.4 branches.

The OpenMPT/libopenmpt project also released an update to the old libopenmpt 0.6 stable branch:

AMS: Default channel panning was broken, using all-center panning instead of MOD-style panning.
STP: Correctly import volume slides where both nibbles are set.
MDL: Pitch slide depth was wrong since libopenmpt 0.6.0.
DTM: Fix pitch slide depth for samples with finetune.
STM / STX: Don’t set channel panning. ScreamTracker 2 only outputs mono sound.
PSM: File header probing was stricter than actual file loader, rejecting manipulated files that would otherwise load fine.

Source code download links:

Binary download links:

Development library download links:

Documentation download links:

All downloads can be found at the libopenmpt website at https://lib.openmpt.org/libopenmpt/.

The OpenMPT/libopenmpt project also released an update to the old libopenmpt 0.5 stable branch:

AMS: Default channel panning was broken, using all-center panning instead of MOD-style panning.
STP: Correctly import volume slides where both nibbles are set.
PSM: File header probing was stricter than actual file loader, rejecting manipulated files that would otherwise load fine.

Source code download links:

Documentation and binary downloads can be found at the libopenmpt website at https://lib.openmpt.org/libopenmpt/.

The OpenMPT/libopenmpt project also released an update to the old libopenmpt 0.4 stable branch:

AMS: Default channel panning was broken, using all-center panning instead of MOD-style panning.
PSM: File header probing was stricter than actual file loader, rejecting manipulated files that would otherwise load fine.

Source code download links:

Documentation and binary downloads can be found at the libopenmpt website at https://lib.openmpt.org/libopenmpt/.

The following libopenmpt and libopenmpt-modplug versions are currently supported with security fixes by the OpenMPT/libopenmpt project:

libopenmpt 0.7.8
- Current stable version.
- Receives security updates.
- Receives minor playback fixes.
libopenmpt 0.6.17
- Old stable version.
- Receives security updates.
- Receives trivial bug fixes.
libopenmpt 0.5.31
- Old stable version.
- Receives security updates.
- Receives trivial bug fixes.
libopenmpt 0.4.43
- Old stable version.
- Receives security updates.
- Receives trivial bug fixes.
libopenmpt 0.8 (SVN trunk)
- development
- security updates
- playback fixes
- new features
- new file formats
libopenmpt-modplug 0.8.9.0-openmpt1
- Receives security updates.
libopenmpt-modplug 0.8.8.5-openmpt1
- Receives security updates.

Please update to the newest versions.