Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in q
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in q
ID: FEDORA-2017-8f27031c8f
Distribution: Fedora
Plattformen: Fedora 26
Datum: Mi, 20. September 2017, 06:46
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11752
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12643
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7517
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12428
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12642
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7514
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11751
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11753
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8959
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7519
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12665
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7942
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12654
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7521
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11724
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11449
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7516
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7941
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8707
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12434
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11755
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9556
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12433
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11644
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12435
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11188
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11754
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10928
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7943
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12644
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11750
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11360
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11639
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12666
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12587
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7518
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7520
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11523
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8957
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8958
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7515
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12641
Applikationen: q

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
-------------------------------------------------------------------------------
-

Name : q
Product : Fedora 26
Version : 7.11
Release : 29.fc26
URL : http://q-lang.sourceforge.net
Summary : Equational programming language
Description :
Q is a powerful and extensible functional programming language based
on the term rewriting calculus. You specify an arbitrary system of
equations which the interpreter uses as rewrite rules to reduce
expressions to normal form. Q is useful for scientific programming and
other advanced applications, and also as a sophisticated kind of
desktop calculator. The distribution includes the Q programming tools,
a standard library, add-on modules for interfacing to Curl, GNU dbm,
ODBC, GNU Octave, ImageMagick, Tcl/Tk, XML/XSLT and an Emacs mode.

-------------------------------------------------------------------------------
-
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent
packages
are mostly straight rebuilds, a couple also include bugfix version updates.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in
coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in
mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage
function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352
ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144
ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory
in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility
when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in
ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435
ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642
CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429
CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the
parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in
CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959
CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when
processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in
ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751
CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in
ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read
in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in
WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in
ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various
flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in
ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in
ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from
uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in
ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't
validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes
denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in
ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read
in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 - synfigstudio doesn't start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade q' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung