Login
Newsletter
Werbung

Sicherheit: Zwei Probleme in audacity
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in audacity
ID: FEDORA-2021-1a043ee3d2
Distribution: Fedora
Plattformen: Fedora 34
Datum: Di, 22. Juni 2021, 07:48
Referenzen: https://bugzilla.redhat.com/show_bug.cgi?id=1972963
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1867
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11867
Applikationen: Audacity

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2021-1a043ee3d2
2021-06-22 01:01:06.903238
-------------------------------------------------------------------------------
-

Name : audacity
Product : Fedora 34
Version : 3.0.2
Release : 3.fc34
URL : https://www.audacityteam.org/
Summary : Multitrack audio editor
Description :
Audacity is a cross-platform multitrack audio editor. It allows you to
record sounds directly or to import files in various formats. It features
a few simple effects, all of the editing features you should need, and
unlimited undo. The GUI was built with wxWidgets and the audio I/O
supports PulseAudio, OSS and ALSA under Linux.

-------------------------------------------------------------------------------
-
Update Information:

- Fix detection of Jack development package (fixes rhbz #1972963) - Add
packages
needed for the LV2 interface to use the system libraries - Fix CVE-2020-1867
(fixes rhbz #1904016)
-------------------------------------------------------------------------------
-
ChangeLog:

* Thu Jun 17 2021 Ian McInerney <ian.s.mcinerney@ieee.org> - 3.0.2-3
- Fix detection of Jack development package (fixes rhbz #1972963)
- Add packages needed for the LV2 interface to use the system libraries
- Temporarily disable the rpath checks until upstream fixes it
- Fix CVE-2020-1867 (fixes rhbz #1904016)
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1904016 - CVE-2020-11867 audacity: insecure use of temporary
directory leads to information disclosure [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1904016
[ 2 ] Bug #1972963 - audacity: no jack host listed via pipewire
https://bugzilla.redhat.com/show_bug.cgi?id=1972963
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-1a043ee3d2' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung