Sicherheit: Denial of Service in PulseAudio - Pro-Linux

Name        : pulseaudio
Product     : Fedora 20
Version     : 5.0
Release     : 7.fc20
URL         : http://www.freedesktop.org/wiki/Software/PulseAudio
Summary     : Improved Linux Sound Server
Description :
PulseAudio is a sound server for Linux and other Unix like operating
systems. It is intended to be an improved drop-in replacement for the
Enlightened Sound Daemon (ESOUND).

-------------------------------------------------------------------------------
-
Update Information:

Rebase current post-4.0 snapshot to 5.0 release, see also:

http://www.freedesktop.org/wiki/Software/PulseAudio/Notes/5.0/

This update restores compatibility with pulseaudio upstream ABI, and includes
 rebuilds of affected fedora packages.
-------------------------------------------------------------------------------
-
ChangeLog:

* Wed Jul 16 2014 Rex Dieter <rdieter@fedoraproject.org> 5.0-7
- Provide padsp-32, /usr/bin/padsp is native arch only (#856146)
* Mon Jul  7 2014 Rex Dieter <rdieter@fedoraproject.org> - 5.0-6
- rtp-recv: fix crash on empty UDP packets (CVE-2014-3970,#1104835,#1108011)
- name HDMI outputs uniquely
* Sat Jun  7 2014 Fedora Release Engineering
 <rel-eng@lists.fedoraproject.org> - 5.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue May 13 2014 Dan Horák <dan[at]danny.cz> 5.0-4
- always run tests, but don't fail the build on big endian arches (relates
 #1067470)
* Sat Apr 12 2014 Rex Dieter <rdieter@fedoraproject.org> 5.0-3
- Pulse Audio settings lost after reboot / HDMI is set as default (#1035025)
* Tue Mar 11 2014 Rex Dieter <rdieter@fedoraproject.org> 5.0-2
- drop Requires: kernel (per recent -devel ml thread)
* Tue Mar  4 2014 Rex Dieter <rdieter@fedoraproject.org> 5.0-1
- 5.0 (#1072259)
* Wed Feb 26 2014 Karsten Hopp <karsten@redhat.com> 4.99.4-3
- disable make check on PPC* (rhbz #1067470)
* Mon Feb 17 2014 Rex Dieter <rdieter@fedoraproject.org> 4.99.4-2
- -qpaeq subpkg (#1002585)
* Sat Feb 15 2014 Rex Dieter <rdieter@fedoraproject.org> 4.99.4-1
- 4.99.4
* Wed Jan 29 2014 Rex Dieter <rdieter@fedoraproject.org> 4.99.3-1
- 4.99.3
* Mon Jan 27 2014 Wim Taymans <wtaymans@redhat.com> - 4.99.2-2
- don't mark .desktop and dbus configurations as %config
* Fri Jan 24 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.99.2-1
- 4.99.2 (#1057528)
* Wed Jan 22 2014 Wim Taymans <wtaymans@redhat.com> - 4.0-12.gitf81e3
- Use the statically allocated UID and GID from /usr/share/doc/setup/uidgid
 (#1056656)
- The pulse-rt group doesn't exist (#885020)
* Wed Jan 22 2014 Rex Dieter <rdieter@fedoraproject.org> -
 4.0-11.gitf81e3
- handle jack/lirc modules better (#1056619)
- -libs-devel: own some dirs to avoid deps on cmake/vala
- -module-bluetooth: make dep arch'd for consistency
* Fri Jan 10 2014 Rex Dieter <rdieter@fedoraproject.org> -
 4.0-10.gitf81e3
- enable hardened build (#983606)
* Sat Dec  7 2013 Rex Dieter <rdieter@fedoraproject.org> - 4.0-9.gitf81e3
- X-KDE-autostart-phase=1
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #1104835 - CVE-2014-3970 pulseaudio: denial of service in
 module-rtp-recv
        https://bugzilla.redhat.com/show_bug.cgi?id=1104835
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program.  Use
su -c 'yum update pulseaudio' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce