milkytracker is vulnerable to denial of service. A heap-based buffer overflow in XMFile::read
in XMFile.cpp
in milkyplay allows an attacker to crash the application.
github.com/milkytracker/MilkyTracker/issues/184
lists.debian.org/debian-lts-announce/2019/10/msg00029.html
lists.debian.org/debian-lts-announce/2020/07/msg00023.html
lists.fedoraproject.org/archives/list/[email protected]/message/CXYRVXOPO223DAUJHFQCTKQHIZ6XN35P/
lists.fedoraproject.org/archives/list/[email protected]/message/HBIIPS2CDMUXJ3CIEPKMEY3D73UZDR3T/
security-tracker.debian.org/tracker/CVE-2019-14464
usn.ubuntu.com/4499-1/