Login
Newsletter
Werbung

Sicherheit: Zwei Probleme in abcm2ps
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in abcm2ps
ID: FEDORA-2020-a820f2b735
Distribution: Fedora
Plattformen: Fedora 32
Datum: Do, 21. Mai 2020, 08:22
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10753
https://bugzilla.redhat.com/show_bug.cgi?id=1799137
https://bugzilla.redhat.com/show_bug.cgi?id=1063718
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10771
Applikationen: abcm2ps

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2020-a820f2b735
2020-05-21 02:51:59.947815
-------------------------------------------------------------------------------
-

Name : abcm2ps
Product : Fedora 32
Version : 8.14.7
Release : 2.fc32
URL : http://moinejf.free.fr
Summary : A program to typeset ABC tunes into Postscript
Description :
Abcm2ps is a package which converts music tunes from ABC format to
Postscript. Based on abc2ps version 1.2.5, it was developed mainly to
print Baroque organ scores which have independent voices played on one
or many keyboards and a pedal-board. Abcm2ps introduces many
extensions to the ABC language that make it suitable for classical
music.

-------------------------------------------------------------------------------
-
Update Information:

New upstream release with fixes for CVEs and other enhancements.
-------------------------------------------------------------------------------
-
ChangeLog:

* Tue May 12 2020 Stuart Gathman <stuart@gathman.org> - 8.14.7-2
- Move sample ABC output to subpackage
* Tue May 12 2020 Stuart Gathman <stuart@gathman.org> - 8.14.7-1
- New upstream release
* Wed Apr 29 2020 Filipe Rosset <rosset.filipe@gmail.com> - 7.8.14-11
- Fix FTBFS
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> -
7.8.14-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1063718 - abcm2ps-8.14.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1063718
[ 2 ] Bug #1576118 - CVE-2018-10753 abcm2ps: stack based buffer overflow in
the delayed_output function in music.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1576118
[ 3 ] Bug #1576641 - CVE-2018-10771 abcm2ps: Stack-based buffer overflow in
parse.c:get_key() allows for denial of service [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1576641
[ 4 ] Bug #1799137 - abcm2ps: FTBFS in Fedora rawhide/f32
https://bugzilla.redhat.com/show_bug.cgi?id=1799137
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-a820f2b735' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung