Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in ripright
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in ripright
ID: FEDORA-2017-8f27031c8f
Distribution: Fedora
Plattformen: Fedora 26
Datum: Mi, 20. September 2017, 06:48
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7515
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8958
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12641
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7520
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11523
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8957
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7518
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12587
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12666
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11750
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12644
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11639
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11360
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11188
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10928
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7943
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11754
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12435
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11644
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11755
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8707
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12434
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12433
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9556
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11449
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7941
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7516
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11724
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7521
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12654
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12665
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7942
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7519
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8959
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11751
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12642
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7514
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12428
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11753
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12643
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11752
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7517

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
-------------------------------------------------------------------------------
-

Name : ripright
Product : Fedora 26
Version : 0.11
Release : 5.fc26
URL : http://www.mcternan.me.uk/ripright/
Summary : Minimal CD to FLAC ripper
Description :
RipRight is a minimal CD ripper modeled on autorip. It can run as a daemon and
will automatically start ripping any CD found in the drive after which the
disc will be ejected. Ripping is always to FLAC lossless audio format with
tags taken from the community-maintained MusicBrainz lookup service and cover
art from Amazon where possible. If a disc is unknown to MusicBrainz, the CD
will be ejected without ripping and can also be optionally rejected if cover
art cannot be found.

With RipRight, ripping a CD collection is just a matter of feeding your Linux
PC each CD in turn and waiting while they are ripped. CDs which are
immediately ejected can be checked with the MusicBrainz Picard tool which
allows CD identifiers to be uploaded to the website database. Any errors or
inaccuracies in the database records can also be edited on the MusicBrainz.

-------------------------------------------------------------------------------
-
Update Information:

Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent
packages
are mostly straight rebuilds, a couple also include bugfix version updates.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in
coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in
mng_get_long function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage
function when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352
ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144
ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory
in RLE decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility
when deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in
ReadPWPImage function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435
ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642
CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429
CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the
parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in
CopyMagickMemory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959
CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when
processing crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in
ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751
CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in
ReadMATImage() coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read
in the WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in
WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in
ReadTXTImage function in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various
flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in
ReadRLEImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in
ReadDPXImage function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from
uninitialized memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in
ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't
validade blob sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes
denial of service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in
ReadMATImage function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read
in the GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 - synfigstudio doesn't start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade ripright' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung