FEDORA-EPEL-2017-abd82daec6 created by robert 2 years ago for Fedora EPEL 6
stable

LAME 3.100 - October 13 2017

  • RogĂ©rio Brito
    • Don't include the debian directory as one that is needed during builds. Patch taken from Debian's packaging of lame.
    • Resurrect Owen Taylor's code dated from 97-11-3 to properly deal with GTK1. This was transplanted back from aclocal.m4 with a patch provided by Andres Mejia. This change makes it easy to regenerate autotools' files with a simple invocation of autoconf -vfi.
    • Fix possible race condition causing build failures in libmp3lame. Discovered in automated builds by the Debian project with patch provided by Andres Mejia.
  • Robert Hegemann
    • Improved detection of MPEG audio data in RIFF WAVE files. Tracker item [ 3545112 ] Invalid sampling detection
    • New switch --gain <decibel>, range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the use of --scale <factor>.
    • Fix for tracker item [ 3558466 ] Bug in path handling
    • Fix for tracker item [ 3567844 ] problem with Tag genre
    • Fix for tracker item [ 3565659 ] no progress indication with pipe input
    • Fix for tracker item [ 3544957 ] scale (empty) silent encode without warning
    • Fix for tracker item [ 3580176 ] environment variable LAMEOPT doesn't work anymore
    • Fix for tracker item [ 3608583 ] input file name displayed with wrong character encoding (on windows console with CP_UTF8)
    • Fix for bug ticket [ #447 ] Fix dereference NULL and Buffer not NULL terminated issues. Thanks to Surabhi Mishra
    • Fix for bug ticket [ #445 ] dereference of a null pointer possible in loop. Thanks to Renu Tyagi
    • Fix for bug ticket [ #449 ] Make sure functions with SSE instructions maintain their own properly aligned stack. Thanks to Fabian Greffrath
    • Fix for bug ticket [ #458 ] Multiple Stack and Heap Corruptions from Malicious File. Thanks to Gareth Evans and Elio Blanca
    • Fix for bug ticket [ #460 ] A division by zero vulnerability. Thanks to Wang Shiyang, Liu Bingchang
    • Fix for bug ticket [ #461 ] CVE-2017-9410 fill_buffer_resample function in libmp3lame/util.c heap-based buffer over-read and ap
    • Fix for bug ticket [ #462 ] CVE-2017-9411 fill_buffer_resample function in libmp3lame/util.c invalid memory read and application crash
    • Fix for bug ticket [ #463 ] CVE-2017-9412 unpack_read_samples function in frontend/get_audio.c invalid memory read and application crash
    • Fix for bug ticket [ #434 ] clip detect scale suggestion unaware of scale input value
    • HIP decoder bug fixed: decoding mixed blocks of lower sample frequency Layer3 data resulted in internal buffer overflow (write). Thanks to Henri Salo
  • Alexander Leidinger
    • Feature request, patch ticket [ #27 ] Add lame_encode_buffer_interleaved_int() by Michael Fink
This update has been submitted for testing by robert. 2 years ago
This update has been pushed to testing. 2 years ago
User Icon slaanesh commented & provided feedback 2 years ago
karma

All good.

BZ#1470199 CVE-2015-9099 CVE-2015-9100 CVE-2017-11720 CVE-2017-13712 CVE-2017-15018 CVE-2017-15019 CVE-2017-15045 CVE-2017-15046 CVE-2017-9410 CVE-2017-9411 CVE-2017-9412 CVE-2017-8419 lame: Multiple vulnerabilities
BZ#1470201 CVE-2015-9099 CVE-2015-9100 CVE-2017-11720 CVE-2017-13712 CVE-2017-15018 CVE-2017-15019 CVE-2017-15045 CVE-2017-15046 CVE-2017-9410 CVE-2017-9411 CVE-2017-9412 CVE-2017-8419 lame: Multiple vulnerabilities [epel-all]
BZ#1505107 LAME 3.100 update with security fixes
This update has been submitted for batched by bodhi. 2 years ago
This update has been submitted for stable by bodhi. 2 years ago
This update has been pushed to stable. 2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
1
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
BZ#1470199 CVE-2015-9099 CVE-2015-9100 CVE-2017-11720 CVE-2017-13712 CVE-2017-15018 CVE-2017-15019 CVE-2017-15045 CVE-2017-15046 CVE-2017-9410 CVE-2017-9411 CVE-2017-9412 CVE-2017-8419 lame: Multiple vulnerabilities
0
1
BZ#1470201 CVE-2015-9099 CVE-2015-9100 CVE-2017-11720 CVE-2017-13712 CVE-2017-15018 CVE-2017-15019 CVE-2017-15045 CVE-2017-15046 CVE-2017-9410 CVE-2017-9411 CVE-2017-9412 CVE-2017-8419 lame: Multiple vulnerabilities [epel-all]
0
1
BZ#1505107 LAME 3.100 update with security fixes
0
1

Automated Test Results