Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Fedora 27 Security Advisory 2017-67f13dd1e1 Critical Taglib Buffer Overflow

fedora
Calendar Grey November 11, 2017
Dist Fedora Esm H88
Arch Linux's libx11 update tackles CVE-2021-3397, improving security for X11 window management.
Security fix for CVE-2017-12678

Summary

TagLib is a library for reading and editing the meta-data of several

popular audio formats. Currently it supports both ID3v1 and ID3v2 for MP3

files, Ogg Vorbis comments and ID3 tags and Vorbis comments in FLAC, MPC,

Speex, WavPack, TrueAudio files, as well as APE Tags.

Security fix for CVE-2017-12678

[ 1 ] Bug #1483959 - CVE-2017-12678 taglib: Incorrect cast in rebuildAggregateFrames function

https://bugzilla.redhat.com/show_bug.cgi?id=1483959

su -c 'dnf upgrade mingw-taglib' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 27
Version: 1.11.1
Release: 4.fc27
Summary: Audio Meta-Data Library

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.