--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2019-b1157fdfdc
2019-08-12 01:39:02.163196
--------------------------------------------------------------------------------Name        : aubio
Product     : Fedora 29
Version     : 0.4.9
Release     : 1.fc29
URL         : https://aubio.org/
Summary     : An audio labeling library
Description :
aubio is a library for audio labeling. Its features include
segmenting a sound file before each of its attacks, performing pitch
detection, tapping the beat and producing midi streams from live
audio. The name aubio comes from 'audio' with a typo: several
transcription errors are likely to be found in the results too.

The aim of this project is to provide these automatic labeling
features to other audio software. Functions can be used offline in
sound editors and software samplers, or online in audio effects and
virtual instruments.

--------------------------------------------------------------------------------Update Information:

Security fix for CVE-2018-19800 CVE-2018-19801 CVE-2018-19802
--------------------------------------------------------------------------------ChangeLog:

* Thu Aug  1 2019 Guido Aulisi  - 0.4.9-1
- Update to 0.4.9
- Some spec cleanup
- CVE-2018-19800 prevent a possible buffer overflow in new_aubio_tempo
- CVE-2018-19801 prevent a null-pointer dereference in new_aubio_filterbank
- CVE-2018-19802 prevent a null-pointer dereference in new_aubio_onset
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1735586 - CVE-2019-1010224 aubio: null pointer dereference in component onset
        https://bugzilla.redhat.com/show_bug.cgi?id=1735586
  [ 2 ] Bug #1735588 - CVE-2019-1010223 aubio: buffer overflow in component tempo
        https://bugzilla.redhat.com/show_bug.cgi?id=1735588
  [ 3 ] Bug #1735591 - CVE-2019-1010222 aubio: null pointer dereference in component filterbank
        https://bugzilla.redhat.com/show_bug.cgi?id=1735591
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-b1157fdfdc' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Fedora 29: aubio FEDORA-2019-b1157fdfdc

August 11, 2019
Security fix for CVE-2018-19800 CVE-2018-19801 CVE-2018-19802

Summary

aubio is a library for audio labeling. Its features include

segmenting a sound file before each of its attacks, performing pitch

detection, tapping the beat and producing midi streams from live

audio. The name aubio comes from 'audio' with a typo: several

transcription errors are likely to be found in the results too.

The aim of this project is to provide these automatic labeling

features to other audio software. Functions can be used offline in

sound editors and software samplers, or online in audio effects and

virtual instruments.

Security fix for CVE-2018-19800 CVE-2018-19801 CVE-2018-19802

* Thu Aug 1 2019 Guido Aulisi - 0.4.9-1

- Update to 0.4.9

- Some spec cleanup

- CVE-2018-19800 prevent a possible buffer overflow in new_aubio_tempo

- CVE-2018-19801 prevent a null-pointer dereference in new_aubio_filterbank

- CVE-2018-19802 prevent a null-pointer dereference in new_aubio_onset

[ 1 ] Bug #1735586 - CVE-2019-1010224 aubio: null pointer dereference in component onset

https://bugzilla.redhat.com/show_bug.cgi?id=1735586

[ 2 ] Bug #1735588 - CVE-2019-1010223 aubio: buffer overflow in component tempo

https://bugzilla.redhat.com/show_bug.cgi?id=1735588

[ 3 ] Bug #1735591 - CVE-2019-1010222 aubio: null pointer dereference in component filterbank

https://bugzilla.redhat.com/show_bug.cgi?id=1735591

su -c 'dnf upgrade --advisory FEDORA-2019-b1157fdfdc' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

FEDORA-2019-b1157fdfdc 2019-08-12 01:39:02.163196 Product : Fedora 29 Version : 0.4.9 Release : 1.fc29 URL : https://aubio.org/ Summary : An audio labeling library Description : aubio is a library for audio labeling. Its features include segmenting a sound file before each of its attacks, performing pitch detection, tapping the beat and producing midi streams from live audio. The name aubio comes from 'audio' with a typo: several transcription errors are likely to be found in the results too. The aim of this project is to provide these automatic labeling features to other audio software. Functions can be used offline in sound editors and software samplers, or online in audio effects and virtual instruments. Security fix for CVE-2018-19800 CVE-2018-19801 CVE-2018-19802 * Thu Aug 1 2019 Guido Aulisi - 0.4.9-1 - Update to 0.4.9 - Some spec cleanup - CVE-2018-19800 prevent a possible buffer overflow in new_aubio_tempo - CVE-2018-19801 prevent a null-pointer dereference in new_aubio_filterbank - CVE-2018-19802 prevent a null-pointer dereference in new_aubio_onset [ 1 ] Bug #1735586 - CVE-2019-1010224 aubio: null pointer dereference in component onset https://bugzilla.redhat.com/show_bug.cgi?id=1735586 [ 2 ] Bug #1735588 - CVE-2019-1010223 aubio: buffer overflow in component tempo https://bugzilla.redhat.com/show_bug.cgi?id=1735588 [ 3 ] Bug #1735591 - CVE-2019-1010222 aubio: null pointer dereference in component filterbank https://bugzilla.redhat.com/show_bug.cgi?id=1735591 su -c 'dnf upgrade --advisory FEDORA-2019-b1157fdfdc' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Change Log

References

Update Instructions

Severity
Product : Fedora 29
Version : 0.4.9
Release : 1.fc29
URL : https://aubio.org/
Summary : An audio labeling library

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved