stable

ming-0.4.8-1.fc25

FEDORA-2017-d43d46f1ca created by rathann 7 years ago for Fedora 25

Release 0.4.8 (no ABI or API changes)

  • Add PHP7 compatibility
  • Fix C++ output of disassembler
  • Fix heap overflows in parser.c (CVE-2017-7578)
  • Avoid division by zero in listmp3 when no valid frame was found (CVE-2016-9265)
  • Don't try printing unknown block (CVE-2016-9828)
  • Parse Protect tag's Password as string (CVE-2016-9827)
  • Check values before deriving malloc parameters from them in parser.c (CVE-2016-9829)
  • Make readString() stop reading string past buffer's end
  • Return EOF when reading unsigned values hits end of memory backed buffer
  • Exit immediately when unexpected EOF is by fgetc() in utility programs (CVE-2016-9831)
  • Fix using EOF marker -1 value as a valid flag byte (CVE-2016-9266)
  • Fix division by zero sample rate due to global buffer overflow (CVE-2016-9264, CVE-2016-9265)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2017-d43d46f1ca

This update has been submitted for testing by rathann.

7 years ago

This update has been pushed to testing.

7 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

7 years ago

This update has been submitted for stable by rathann.

7 years ago

This update has been pushed to stable.

7 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
7 years ago
in testing
7 years ago
in stable
7 years ago
BZ#1438687 CVE-2016-9264 CVE-2016-9265 CVE-2016-9266 CVE-2016-9827 CVE-2016-9828 CVE-2016-9829 CVE-2016-9831 ming: Multiple security vulnerabilities [fedora-all]
0
0

Automated Test Results