drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in TagLib
Name: |
Mehrere Probleme in TagLib |
|
ID: |
FEDORA-2012-4268 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 15 |
|
Datum: |
So, 8. April 2012, 10:53 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1584 |
|
Applikationen: |
TagLib |
|
Originalnachricht |
Name : taglib Product : Fedora 15 Version : 1.7.1 Release : 1.fc15 URL : http://launchpad.net/taglib Summary : Audio Meta-Data Library Description : TagLib is a library for reading and editing the meta-data of several popular audio formats. Currently it supports both ID3v1 and ID3v2 for MP3 files, Ogg Vorbis comments and ID3 tags and Vorbis comments in FLAC, MPC, Speex, WavPack, TrueAudio files, as well as APE Tags.
------------------------------------------------------------------------------- - Update Information:
New upstream release, largely to address security issues related to ogg xiphcomments and ape sampleRate=0. ------------------------------------------------------------------------------- - ChangeLog:
* Mon Mar 19 2012 Rex Dieter <rdieter@fedoraproject.org> 1.7.1-1 - taglib-1.7.1 * Tue Feb 28 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.7-4 - Rebuilt for c++ ABI breakage * Sat Feb 4 2012 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 1.7-3 - Backported fix for a crash in .ape file parsing RHBZ#700727 * Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #800559 - CVE-2012-1108 taglib: ogg file with vendorLength field modification causes crash https://bugzilla.redhat.com/show_bug.cgi?id=800559 [ 2 ] Bug #800553 - CVE-2012-1107 taglib: ape file with sampleRate 0 causes crash https://bugzilla.redhat.com/show_bug.cgi?id=800553 [ 3 ] Bug #810009 - CVE-2012-1584 taglib: integer overflow can crash application https://bugzilla.redhat.com/show_bug.cgi?id=810009 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update taglib' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|