Multiple vulnerabilities has been found and corrected in libmikmod: libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service by loading multiple songs with different numbers of channels . libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service by loading an XM file . This update fixes these vulnerabilities.