Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 30: FEDORA-2021-dc7a1234ef Critical: xyzapp Memory Leak Issue

fedora
Calendar Grey May 20, 2020
Dist Fedora Esm H88
Explore the latest Fedora 30 release for abcm2ps, tackling CVEs and improving functionalities in musical notation rendering.
New upstream release with fixes for CVEs and other enhancements.

Summary

Abcm2ps is a package which converts music tunes from ABC format to

Postscript. Based on abc2ps version 1.2.5, it was developed mainly to

print Baroque organ scores which have independent voices played on one

or many keyboards and a pedal-board. Abcm2ps introduces many

extensions to the ABC language that make it suitable for classical

music.

New upstream release with fixes for CVEs and other enhancements.

* Tue May 12 2020 Stuart Gathman - 8.14.7-2

- Move sample ABC output to subpackage

* Tue May 12 2020 Stuart Gathman - 8.14.7-1

- New upstream release

* Wed Apr 29 2020 Filipe Rosset - 7.8.14-11

- Fix FTBFS

* Tue Jan 28 2020 Fedora Release Engineering - 7.8.14-10

- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild

* Wed Jul 24 2019 Fedora Release Engineering - 7.8.14-9

- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

[ 1 ] Bug #1063718 - abcm2ps-8.14.7 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1063718

[ 2 ] Bug #1576118 - CVE-2018-10753 abcm2ps: stack based buffer overflow in the delayed_output function in music.c [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1576118

[ 3 ] Bug #1576641 - CVE-2018-10771 abcm2ps: Stack-based buffer overflow in parse.c:get_key() allows for denial of service [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1576641

[ 4 ] Bug #1799137 - abcm2ps: FTBFS in Fedora rawhide/f32

https://bugzilla.redhat.com/show_bug.cgi?id=1799137

su -c 'dnf upgrade --advisory FEDORA-2020-eb7a965fcf' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory buffer overflow software update Fedora critical threat abcm2ps

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 30
Version: 8.14.7
Release: 2.fc30
URL: http://moinejf.free.fr
Summary: A program to typeset ABC tunes into Postscript

Topics%20covered

Topics Covered

security advisory buffer overflow software update Fedora critical threat abcm2ps

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here