Update to 1.5.17 fixing several CVEs (see bugs); rebuilt dependent packages libASL and openmeeg (soversion bump).

This update has been submitted for testing by lupinix.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

This update's test gating status has been changed to 'waiting'.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

This update has been pushed to testing.

2 months ago
tis commented & provided feedback 2 months ago

This update includes a .so version bump, so all packages using libmatio must be updated at the same time.

package: libASL-0.1.7-5.el7.x86_64

unresolved deps:

 libmatio.so.2()(64bit)

package: openmeeg-2.4-0.3.rc4.el7.x86_64

unresolved deps:

 libmatio.so.2()(64bit)

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

2 months ago
lupinix commented & provided feedback 2 months ago

Thanks for the hint! I did not expect that for a minor version bump 1.5.x → 1.5.y … Unpushing the update for now

This update has been unpushed.

lupinix edited this update.

New build(s):

  • openmeeg-2.4-0.4.rc4.el7
  • libASL-0.1.7-6.el7

Karma has been reset.

2 months ago

This update has been submitted for testing by lupinix.

2 months ago

This update has been pushed to testing.

2 months ago

This update can be pushed to stable now if the maintainer wishes

2 months ago

This update has been submitted for stable by lupinix.

a month ago

This update has been pushed to stable.

a month ago


Metadata
Type: security
Severity: low
Karma: 0
Signed
Content Type: RPM
Test Gating

Settings
Unstable by Karma: -3
Stable by Karma: disabled
Stable by Time: disabled

Dates
submitted: 2 months ago
in testing: 2 months ago
in stable: a month ago
modified: 2 months ago

BZ#1683942 CVE-2019-9033 matio: stack-based buffer over-read in function ReadNextCell() in mat5.c [epel-all]
BZ#1683947 CVE-2019-9034 matio: stack-based buffer over-read for a memcpy in function ReadNextCell() in mat5.c [epel-all]
BZ#1683986 CVE-2019-9035 matio: stack-based buffer over-read in function ReadNextStructField() in mat5.c [epel-all]
BZ#1683990 CVE-2019-9036 matio: heap-based buffer overflow in function ReadNextFunctionHandle() in mat5.c [epel-all]
BZ#1683993 CVE-2019-9037 matio: buffer over-read in function Mat_VarPrint() in mat.c [epel-all]
BZ#1684002 CVE-2019-9038 matio: out-of-bounds read with SEGV in function ReadNextCell() in mat5.c [epel-all]
BZ#1684009 CVE-2019-9026 matio: heap-based buffer overflow in function InflateVarName() in inflate.c [epel-all]
BZ#1684014 matio: CVE-2019-02-9027 matio: heap-based buffer overflow in function ReadNextCell() in mat5.c [epel-all]
BZ#1684017 CVE-2019-9028 matio: stack-based buffer over-read in the function InflateDimensions() in inflate.c [epel-all]
BZ#1684020 CVE-2019-9029 matio: out-of-bounds read with SEGV in function Mat_VarReadNextInfo5() in mat5.c [epel-all]
BZ#1684025 CVE-2019-9030 matio: stack-based buffer over-read in Mat_VarReadNextInfo5() in mat5.c [epel-all]
BZ#1684041 CVE-2019-9032 matio: out-of-bounds write in function Mat_VarFree() in mat.c resulting in SEGV [epel-all]
BZ#1685379 CVE-2019-9031 matio: null pointer dereference in function Mat_VarFree() in mat.c [epel-all]
BZ#1728478 CVE-2019-13107 matio: multiple integer overflow in mat.c, mat4.c, mat5.c, mat73.c and matvar_struct.c [epel-all]