Security fix for CVE-2024-25442 CVE-2024-25443 CVE-2024-25445 CVE-2024-25446.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-60cefb07e8
2024-02-20 01:36:45.526432
--------------------------------------------------------------------------------

Name        : hugin
Product     : Fedora 38
Version     : 2023.0.0
Release     : 2.fc38
URL         : https://hugin.sourceforge.io/
Summary     : A panoramic photo stitcher and more
Description :
hugin can be used to stitch multiple images together. The resulting image can
span 360 degrees. Another common use is the creation of very high resolution
pictures by combining multiple images. It uses the Panorama Tools as back-end
to create high quality images

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2024-25442 CVE-2024-25443 CVE-2024-25445 CVE-2024-25446
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 5 2023 Bruno Postle - 2023.0.0-2
- build without lz4 workarounds see bug #2240334
* Sat Nov 11 2023 Bruno Postle - 2023.0.0-1
- 2023.0.0 stable release
* Thu Jul 20 2023 Fedora Release Engineering - 2022.0.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Mon Jul 3 2023 Python Maint - 2022.0.0-4
- Rebuilt for Python 3.12
* Mon Feb 20 2023 Jonathan Wakely - 2022.0.0-3
- Rebuilt for Boost 1.81
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2263555 - CVE-2024-25442 CVE-2024-25443 CVE-2024-25445 CVE-2024-25446 hugin: multiple CVEs
        https://bugzilla.redhat.com/show_bug.cgi?id=2263555
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use

    su -c 'dnf upgrade --advisory FEDORA-2024-60cefb07e8'

at the command line. For more information, refer to the dnf documentation
available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

An update that fixes four vulnerabilities is now available.

   openSUSE Security Update: Security update for hugin
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2024:0047-1
Rating:             important
References:         #1219819 #1219820 #1219821 #1219822
Cross-References:   CVE-2024-25442 CVE-2024-25443 CVE-2024-25445 CVE-2024-25446
Affected Products:
                    openSUSE Backports SLE-15-SP5
______________________________________________________________________________

   An update that fixes four vulnerabilities is now available.

Description:

   This update for hugin fixes the following issues:

   Update to version 2023.0.0:

   * PTBatcherGUI can now also queue user defined assistant and user defined
     output sequences.
   * PTBatcherGUI: Added option to generate panorama sequences from an
     existing pto template.
   * Assistant: Added option to select different output options like
     projection, FOV or canvas size depending on different variables (e.g.
     image count, field of view, lens type).
   * Allow building with epoxy instead of GLEW for OpenGL pointer management.
   * Several improvements to crop tool (outside crop, aspect ratio, ...).
   * Several bug fixes (e.g. in verdandi/internal blender).
   * Updated translations.

   - fixed: boo#1219819 (CVE-2024-25442), boo#1219820 (CVE-2024-25443)
     boo#1219821 (CVE-2024-25445), boo#1219822 (CVE-2024-25446)

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended
   installation methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Backports SLE-15-SP5:

      zypper in -t patch openSUSE-2024-47=1

Package List:

   - openSUSE Backports SLE-15-SP5 (aarch64 ppc64le s390x x86_64):

      hugin-2023.0.0-bp155.2.3.1

References:

   https://www.suse.com/security/cve/CVE-2024-25442.html
   https://www.suse.com/security/cve/CVE-2024-25443.html
   https://www.suse.com/security/cve/CVE-2024-25445.html
   https://www.suse.com/security/cve/CVE-2024-25446.html
   https://bugzilla.suse.com/1219819
   https://bugzilla.suse.com/1219820
   https://bugzilla.suse.com/1219821
   https://bugzilla.suse.com/1219822

A vulnerability has been discovered in Hugin, potentially allowing for a Denial of Service.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200712-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Hugin: Insecure temporary file creation
      Date: December 05, 2007
      Bugs: #195996
        ID: 200712-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability has been discovered in Hugin, potentially allowing for
a Denial of Service.

Background
==========

Hugin is a GUI for creating and processing panoramic images.

Affected packages
=================

    -------------------------------------------------------------------
     Package          /   Vulnerable   /                    Unaffected
    -------------------------------------------------------------------
  1  media-gfx/hugin     < 0.7_beta4-r1                  *>= 0.6.1-r1
                                                       >= 0.7_beta4-r1

Description
===========

Suse Linux reported that Hugin creates the
"hugin_debug_optim_results.txt" temporary file in an insecure manner.

Impact
======

A local attacker could exploit this vulnerability with a symlink
attack, potentially overwriting an arbitrary file with the privileges
of the user running the application.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Hugin users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-gfx/hugin-0.6.1-r1"

References
==========

  [ 1 ] CVE-2007-5200
        https://www.cve.org/CVERecord?id=CVE-2007-5200

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  https://security.gentoo.org/glsa/200712-01

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
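
The symlink risk described in the Gentoo advisory above, shown as an added C example that is not Hugin's code and not part of any advisory. The advisory does not say how Hugin opened the file, so the fopen() pattern, the function names and the scratch directory are assumptions; only the file name comes from the page.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

#define LOG_NAME "hugin_debug_optim_results.txt" /* file name from the advisory */

/* Assumed insecure pattern: fixed name, symlinks followed, target truncated. */
static FILE *open_log_insecure(const char *dir) {
    char path[512];
    snprintf(path, sizeof path, "%s/%s", dir, LOG_NAME);
    return fopen(path, "w");
}

/* Hardened: O_EXCL refuses any existing entry (a symlink included), mode 0600. */
static FILE *open_log_hardened(const char *dir) {
    char path[512];
    snprintf(path, sizeof path, "%s/%s", dir, LOG_NAME);
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    return fd < 0 ? NULL : fdopen(fd, "w");
}

/* Constructed scenario: a symlink already sits at the log path and points at a
   "victim" file. Returns the victim's size after one opener ran, -1 on error. */
long victim_size_after(int hardened) {
    char dir[] = "/tmp/glsa-demo-XXXXXX", victim[512], lnk[512];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim.txt", dir);
    snprintf(lnk, sizeof lnk, "%s/%s", dir, LOG_NAME);
    FILE *v = fopen(victim, "w");
    if (!v) return -1;
    fputs("important data\n", v); /* 15 bytes of constructed content */
    fclose(v);
    if (symlink(victim, lnk) != 0) return -1;
    FILE *log = hardened ? open_log_hardened(dir) : open_log_insecure(dir);
    if (log) fclose(log);
    long size = stat(victim, &st) == 0 ? (long)st.st_size : -1;
    unlink(lnk); unlink(victim); rmdir(dir);
    return size;
}

int main(void) {
    printf("insecure opener: victim is %ld bytes\n", victim_size_after(0));
    printf("hardened opener: victim is %ld bytes\n", victim_size_after(1));
    return 0;
}
```

With the insecure opener the victim file is truncated through the symlink; with the hardened opener the open fails and the victim keeps its content.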