Sicherheit: Pufferüberlauf in tcl-snack
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in tcl-snack
ID: FEDORA-2013-0083
Distribution: Fedora
Plattformen: Fedora 18
Datum: Sa, 12. Januar 2013, 22:55
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6303
Applikationen: tcl-snack


Name        : tcl-snack
Product : Fedora 18
Version : 2.2.10
Release : 17.fc18
URL : http://www.speech.kth.se/snack/
Summary : Sound toolkit
Description :
The Snack Sound Toolkit is designed to be used with a scripting language such
as Tcl/Tk or Python. Using Snack you can create powerful multi-platform audio
applications with just a few lines of code. Snack has commands for basic sound
handling, such as playback, recording, file and socket I/O. Snack also provides
primitives for sound visualization, e.g. waveforms and spectrograms. It was
developed mainly to handle digital recordings of speech, but is just as useful
for general audio. Snack has also successfully been applied to other
one-dimensional signals. The combination of Snack and a scripting language
makes it possible to create sound tools and applications with a minimum of
effort. This is due to the rapid development nature of scripting languages. As
a bonus you get an application that is cross-platform from start. It is also
easy to integrate Snack based applications with existing sound analysis

Update Information:

Apply fix for CVE-2012-6303, where a crafted WAV file could cause a buffer
overflow. Thanks to Michael Karcher for the patch.

* Wed Jan 2 2013 Tom Callaway <spot@fedoraproject.org> - 2.2.10-17
- apply fix from Michael Karcher to fix CVE-2012-6303 (bz 885893)

[ 1 ] Bug #885893 - CVE-2012-6303 tcl-snack: multiple buffer overflows

This update can be installed with the "yum" update program. Use
su -c 'yum update tcl-snack' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Neue Nachrichten