Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the 6.9 branch ChangeLog.

Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates.


#1490649 - emacs-25.3 is available

#1490410 - unsafe enriched mode translations (security)

Reboot Required
After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

How to install

sudo dnf upgrade --advisory=FEDORA-2017-3a568adb31

This update has been submitted for testing by mooninite.

2 years ago

mooninite edited this update.

2 years ago

mooninite edited this update.

2 years ago

adamwill edited this update.

New build(s):

  • rubygem-rmagick-2.16.0-4.fc25.2
  • vips-8.4.4-1.fc25.1
  • vdr-scraper2vdr-1.0.5-4.20170611git254122b.fc25
  • techne-0.2.3-20.fc25
  • synfig-1.2.0-1.fc25.1
  • rss-glx-0.9.1.p-27.fc25.1
  • ripright-0.11-5.fc25
  • q-7.11-29.fc25
  • psiconv-0.9.8-22.fc25
  • php-pecl-imagick-3.4.3-2.fc25
  • pfstools-2.0.6-3.fc25
  • perl-Image-SubImageFind-0.03-13.fc25
  • kxstitch-1.2.0-9.fc25
  • imageinfo-0.05-27.fc25
  • gtatool-2.2.0-6.fc25
  • drawtiming-0.7.1-22.fc25
  • converseen-0.9.6.2-3.fc25
  • WindowMaker-0.95.7-3.fc25.1
  • emacs-25.2-5.fc25

Karma has been reset.

2 years ago

adamwill edited this update.

New build(s):

  • synfigstudio-1.2.0-5.fc25

Karma has been reset.

2 years ago

adamwill edited this update.

New build(s):

  • inkscape-0.92.1-4.20170510bzr15686.fc25.1

Karma has been reset.

2 years ago
User Icon remi commented & provided feedback 2 years ago

subscribe for notification

User Icon remi commented & provided feedback 2 years ago

Notice, as codecs moved from /usr/lib64/ImageMagick-6.9.3/ to /usr/lib64/ImageMagick-6.9.9/ a reboot should be suggested.

mooninite edited this update.

2 years ago

This update has been pushed to testing.

2 years ago

mooninite edited this update.

New build(s):

  • k3d-0.8.0.6-8.fc25

Karma has been reset.

2 years ago

This update has been submitted for testing by mooninite.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon hreindl provided feedback 2 years ago
User Icon hreindl commented & provided feedback 2 years ago
karma

works and deployed to production - but which idiot tool pretends that you need to reboot because of a ImageMagick update? are we now Microsoft Windows? BTW: the bodhi webinterface becomes worser and worser

User Icon filiperosset commented & provided feedback 2 years ago
karma

no regressions noted on f25

User Icon remi commented & provided feedback 2 years ago

but which idiot tool pretends ...

Me :p Read my comment above.

karma
User Icon sergiomb commented & provided feedback 2 years ago
karma

we need this in stable to install other packages ...

User Icon cserpentis commented & provided feedback 2 years ago
karma

works for me in a VM

pwalter edited this update.

New build(s):

  • emacs-25.3-3.fc25
  • ImageMagick-6.9.9.13-1.fc25

Removed build(s):

  • emacs-25.2-5.fc25
  • ImageMagick-6.9.9.9-1.fc25

Karma has been reset.

2 years ago

This update has been submitted for testing by pwalter.

2 years ago

This update has obsoleted emacs-25.3-1.fc25, and has inherited its bugs and notes.

2 years ago
User Icon pwalter commented & provided feedback 2 years ago

Could people give this update karma again so that we can move it to stable quickly? Thanks!

User Icon sergiomb commented & provided feedback 2 years ago
karma

I already installed it and no regressions noted

This update has been pushed to testing.

2 years ago
karma

This update has been submitted for stable by pwalter.

2 years ago
User Icon pwalter commented & provided feedback 2 years ago

This has spent enough time in updates-testing now and has gotten sufficient testing. Submitted to stable now. Thanks for testing everybody!

This update has been pushed to stable.

2 years ago

Please login to add feedback.

BZ#1350462 CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all]
0
0
BZ#1361494 CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all]
0
0
BZ#1361578 CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all]
0
0
BZ#1378790 CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all]
0
0
BZ#1408404 CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all]
0
0
BZ#1410515 ImageMagick: various flaws [fedora-all]
0
0
BZ#1413898 CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all]
0
0
BZ#1453125 CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all]
0
0
BZ#1455602 CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all]
0
0
BZ#1465064 CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all]
0
0
BZ#1470670 CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all]
0
0
BZ#1471122 CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all]
0
0
BZ#1471837 CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
0
0
BZ#1473719 CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all]
0
0
BZ#1473758 CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all]
0
0
BZ#1473775 CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all]
0
0
BZ#1473797 CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all]
0
0
BZ#1473799 CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all]
0
0
BZ#1473825 CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all]
0
0
BZ#1473848 CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all]
0
0
BZ#1474420 CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all]
0
0
BZ#1474846 CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all]
0
0
BZ#1475464 CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all]
0
0
BZ#1475471 CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all]
0
0
BZ#1475486 CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all]
0
0
BZ#1477070 CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
0
0
BZ#1477566 CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all]
0
0
BZ#1482626 CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all]
0
0
BZ#1482655 CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all]
0
0
BZ#1483117 CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all]
0
0
BZ#1483132 CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all]
0
0
BZ#1483575 CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all]
0
0
BZ#1490409 CVE-2017-14482 emacs: command injection flaw within "enriched mode" handling
0
0
BZ#1490410 CVE-2017-14482 emacs: Unsafe enriched mode translations [fedora-all]
0
0
BZ#1490649 emacs-25.3 is available
0
0

Automated Test Results