Stay Secure with the Latest Linux Advisories

security advisoryhigh severityupdate

Fedora 38 High Advisory: libcmis Memory Overrun - 2023-0d971cd6aa

7.5.9.2. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-0d971cd6aa 2023-12-13 01:33:56.709109 -------------------------------------------------------------------------------- Name : libcmis Product : Fedora 38 Version : 0.6.2 Release : 1.fc38 URL : https://github.com/tdf/libcmis Summary : A C/C++ client library for CM interfaces Description : LibCMIS is a C/C++ client library for working with CM (content management) interfaces. The primary supported interface (which gave the library its name) is CMIS, which allows applications to connect to any ECM behaving as a CMIS server (Alfresco or Nuxeo are examples of open source ones). Another supported interface is Google Drive. -------------------------------------------------------------------------------- Update Information: 7.5.9.2 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 15 2023 Gwyn Ciesla - 0.6.2-1 - 0.6.2 * Mon Nov 13 2023 Gwyn Ciesla - 0.6.1-1 - 0.6.1 * Thu Oct 12 2023 Gwyn Ciesla - 0.6.0-1 - 0.6.0 * Thu Jul 20 2023 Fedora Release Engineering - 0.5.2-22 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Mon Feb 20 2023 Jonathan Wakely - 0.5.2-21 - Rebuilt for Boost 1.81 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2254004 - CVE-2023-6185 libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2254004 [ 2 ] Bug #2254006 - CVE-2023-6186 libreoffice: Insufficient macro permission validation leading to macro execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2254006 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisoryFEDORA-2023-0d971cd6aa' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Fedora 38 brings libcmis 0.6.2, addressing issues linked to poor input validation and improper macro handling.. libcmis update,Fedora 38 security,content management software,improper input handling. . Severity: Critical. LinuxSecurity.com Team

Dec 13, 2023 •Critical Fedora