Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in soundtouch
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in soundtouch
ID: FEDORA-2018-f4f75985b8
Distribution: Fedora
Plattformen: Fedora 28
Datum: Di, 21. August 2018, 07:43
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14044
Applikationen: SoundTouch

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2018-f4f75985b8
2018-08-20 18:41:00.455946
-------------------------------------------------------------------------------
-

Name : soundtouch
Product : Fedora 28
Version : 2.0.0
Release : 6.fc28
URL : http://www.surina.net/soundtouch/
Summary : Audio Processing library for changing Tempo, Pitch and Playback
Rates
Description :
SoundTouch is a LGPL-licensed open-source audio processing library for
changing the Tempo, Pitch and Playback Rates of audio streams or
files. The SoundTouch library is suited for application developers
writing sound processing tools that require tempo/pitch control
functionality, or just for playing around with the sound effects.

The SoundTouch library source kit includes an example utility
SoundStretch which allows processing .wav audio files from a
command-line interface.

-------------------------------------------------------------------------------
-
Update Information:

Security fix for CVE-2018-14044, CVE-2018-14045 and CVE-2018-1000223
-------------------------------------------------------------------------------
-
ChangeLog:

* Tue Aug 14 2018 Hans de Goede <hdegoede@redhat.com> - 2.0.0-6
- The last round of security fixes also fixes CVE-2018-14044, CVE-2018-14045
(rhbz#1601618, rhbz#1601620, rhbz#1601624, rhbz#1601625)
* Tue Aug 14 2018 Hans de Goede <hdegoede@redhat.com> - 2.0.0-5
- Security fix for CVE-2018-1000223 (rhbz#1609193, rhbz#1609194)
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> -
2.0.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Jul 5 2018 Hans de Goede <hdegoede@redhat.com> 2.0.0-3
- Security fix for CVE-2017-9258, CVE-2017-9259, CVE-2017-9260 (rhbz#1475759)
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1601624 - CVE-2018-14045 soundtouch: Reachable assertion in
FIRFilter.cpp causing denial of service
https://bugzilla.redhat.com/show_bug.cgi?id=1601624
[ 2 ] Bug #1601618 - CVE-2018-14044 soundtouch: Reachable assertion in
RateTransposer::setChannels() causing denial of service
https://bugzilla.redhat.com/show_bug.cgi?id=1601618
[ 3 ] Bug #1609193 - CVE-2018-1000223 soundtouch: Heap-based buffer overflow
in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() potentially leading to code execution
https://bugzilla.redhat.com/show_bug.cgi?id=1609193
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-f4f75985b8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PA4WRBGUOIUFQNNFWZ5NRQ6K7S63JU6G/
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung