Fedora 29: aubio FEDORA-2019-b1157fdfdc

    Date11 Aug 2019
    CategoryFedora
    223
    Posted ByLinuxSecurity Advisories
    Security fix for CVE-2018-19800 CVE-2018-19801 CVE-2018-19802
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2019-b1157fdfdc
    2019-08-12 01:39:02.163196
    --------------------------------------------------------------------------------
    
    Name        : aubio
    Product     : Fedora 29
    Version     : 0.4.9
    Release     : 1.fc29
    URL         : http://aubio.org/
    Summary     : An audio labeling library
    Description :
    aubio is a library for audio labeling. Its features include
    segmenting a sound file before each of its attacks, performing pitch
    detection, tapping the beat and producing midi streams from live
    audio. The name aubio comes from 'audio' with a typo: several
    transcription errors are likely to be found in the results too.
    
    The aim of this project is to provide these automatic labeling
    features to other audio software. Functions can be used offline in
    sound editors and software samplers, or online in audio effects and
    virtual instruments.
    
    --------------------------------------------------------------------------------
    Update Information:
    
    Security fix for CVE-2018-19800 CVE-2018-19801 CVE-2018-19802
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Thu Aug  1 2019 Guido Aulisi  - 0.4.9-1
    - Update to 0.4.9
    - Some spec cleanup
    - CVE-2018-19800 prevent a possible buffer overflow in new_aubio_tempo
    - CVE-2018-19801 prevent a null-pointer dereference in new_aubio_filterbank
    - CVE-2018-19802 prevent a null-pointer dereference in new_aubio_onset
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #1735586 - CVE-2019-1010224 aubio: null pointer dereference in component onset
            https://bugzilla.redhat.com/show_bug.cgi?id=1735586
      [ 2 ] Bug #1735588 - CVE-2019-1010223 aubio: buffer overflow in component tempo
            https://bugzilla.redhat.com/show_bug.cgi?id=1735588
      [ 3 ] Bug #1735591 - CVE-2019-1010222 aubio: null pointer dereference in component filterbank
            https://bugzilla.redhat.com/show_bug.cgi?id=1735591
    --------------------------------------------------------------------------------
    
    This update can be installed with the "dnf" update program. Use
    su -c 'dnf upgrade --advisory FEDORA-2019-b1157fdfdc' at the command
    line. For more information, refer to the dnf documentation available at
    http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
    
    All packages are signed with the Fedora Project GPG key. More details on the
    GPG keys used by the Fedora Project can be found at
    https://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    _______________________________________________
    package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
    To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
    Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
    List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
    List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"5","type":"x","order":"1","pct":62.5,"resources":[]},{"id":"88","title":"Should be more technical","votes":"2","type":"x","order":"2","pct":25,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":12.5,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.