Fedora 38: FEDORA-2023-a5e10b188a Critical: FFmpeg Audio Security Issues

loudgain is a versatile ReplayGain 2.0 loudness normalizer, based on the

EBU R128/ITU BS.1770 standard (-18 LUFS) and supports

FLAC/Ogg/MP2/MP3/MP4/M4A/ALAC/Opus/ASF/WMA/WAV/WavPack/AIFF/APE audio

files. It uses the well-known mp3gain commandline syntax but will never

modify the actual audio data.

FFmpeg 6.0 upgrade. ---- update to 111.0.5563.64. Fixes the following

security issues: CVE-2023-0927 CVE-2023-0928 CVE-2023-0929 CVE-2023-0930

CVE-2023-0931 CVE-2023-0932 CVE-2023-0933 CVE-2023-0941 CVE-2023-1213

CVE-2023-1214 CVE-2023-1215 CVE-2023-1216 CVE-2023-1217 CVE-2023-1218

CVE-2023-1219 CVE-2023-1220 CVE-2023-1221 CVE-2023-1222 CVE-2023-1223

CVE-2023-1224 CVE-2023-1225 CVE-2023-1226 CVE-2023-1227

* Sun Mar 12 2023 Neal Gompa - 0.6.8-13

- Rebuild for ffmpeg 6.0

[ 1 ] Bug #1944122 - notcurses-2.3.17 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1944122

[ 2 ] Bug #2022640 - notcurses-2.4.9 is available

https://bugzilla.redhat.com/show_bug.cgi?id=2022640

[ 3 ] Bug #2028587 - notcurses-3.0.4 is available

https://bugzilla.redhat.com/show_bug.cgi?id=2028587

[ 4 ] Bug #2045133 - notcurses: FTBFS in Fedora rawhide/f36

https://bugzilla.redhat.com/show_bug.cgi?id=2045133

[ 5 ] Bug #2053373 - notcurses-3.0.6 is available

https://bugzilla.redhat.com/show_bug.cgi?id=2053373

[ 6 ] Bug #2172934 - CVE-2023-0927 CVE-2023-0928 CVE-2023-0929 CVE-2023-0930 CVE-2023-0931 CVE-2023-0932 CVE-2023-0933 CVE-2023-0941 chromium: various flaws [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2172934

[ 7 ] Bug #2173846 - ffmpeg-6.0 is available

https://bugzilla.redhat.com/show_bug.cgi?id=2173846

[ 8 ] Bug #2174875 - k3b-22.12.3 is available

https://bugzilla.redhat.com/show_bug.cgi?id=2174875

[ 9 ] Bug #2176135 - mlt-7.14.0 is available

https://bugzilla.redhat.com/show_bug.cgi?id=2176135

[ 10 ] Bug #2176519 - CVE-2023-1213 CVE-2023-1214 CVE-2023-1215 CVE-2023-1216 CVE-2023-1217 CVE-2023-1218 CVE-2023-1219 CVE-2023-1220 CVE-2023-1221 CVE-2023-1222 CVE-2023-1223 CVE-2023-1224 CVE-2023-1225 CVE-2023-1226 CVE-2023-1227 ... chromium: various flaws [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2176519

[ 11 ] Bug #2176520 - CVE-2023-1213 CVE-2023-1214 CVE-2023-1215 CVE-2023-1216 CVE-2023-1217 CVE-2023-1218 CVE-2023-1219 CVE-2023-1220 CVE-2023-1221 CVE-2023-1222 CVE-2023-1223 CVE-2023-1224 CVE-2023-1225 CVE-2023-1226 CVE-2023-1227 ... chromium: various flaws [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2176520

[ 12 ] Bug #2177300 - retroarch-1.15.0 is available

https://bugzilla.redhat.com/show_bug.cgi?id=2177300

[ 13 ] Bug #2177550 - nv-codec-headers-12.0.16.0 is available

https://bugzilla.redhat.com/show_bug.cgi?id=2177550

su -c 'dnf upgrade --advisory FEDORA-2023-a5e10b188a' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam, report it: