Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 4 articles for you...
89
security advisorycritical issuebuffer overflowUbuntu 20.04: UBUNTU-2021-2e4d893e54 High: libexample Heap Corruption
Update mediainfo.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-3b67623d93 2021-04-06 01:03:31.227619 --------------------------------------------------------------------------------Name : libmediainfo Product : Fedora 33 Version : 21.03 Release : 1.fc33 URL : https://mediaarea.net/en/MediaInfo Summary : Library for supplies technical and tag information about a video or audio file Description : This package contains the shared library for MediaInfo. MediaInfo supplies technical and tag information about a video or audio file. What information can I get from MediaInfo? * General: title, author, director, album, track number, date, duration... * Video: codec, aspect, fps, bitrate... * Audio: codec, sample rate, channels, language, bitrate... * Text: language of subtitle * Chapters: number of chapters, list of chapters DivX, XviD, H263, H.263, H264, x264, ASP, AVC, iTunes, MPEG-1, MPEG1, MPEG-2, MPEG2, MPEG-4, MPEG4, MP4, M4A, M4V, QuickTime, RealVideo, RealAudio, RA, RM, MSMPEG4v1, MSMPEG4v2, MSMPEG4v3, VOB, DVD, WMA, VMW, ASF, 3GP, 3GPP, 3GP2 What format (container) does MediaInfo support? * Video: MKV, OGM, AVI, DivX, WMV, QuickTime, Real, MPEG-1, MPEG-2, MPEG-4, DVD (VOB) (Codecs: DivX, XviD, MSMPEG4, ASP, H.264, AVC...) * Audio: OGG, MP3, WAV, RA, AC3, DTS, AAC, M4A, AU, AIFF * Subtitles: SRT, SSA, ASS, SAMI --------------------------------------------------------------------------------Update Information: Update mediainfo. --------------------------------------------------------------------------------ChangeLog: * Sun Mar 28 2021 Vasiliy N. Glazov - 21.03-1 - Update to 21.03 * Tue Jan 26 2021 Fedora Release Engineering - 20.09-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild --------------------------------------------------------------------------------References: [ 1 ] Bug #1940984 - CVE-2020-26797 mediainfo: heap-basedbuffer overflow via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1940984 [ 2 ] Bug #1940986 - CVE-2020-26797 libmediainfo: mediainfo: heap-based buffer overflow via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1940986 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-3b67623d93' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Apr 05, 2021
Fedora
89
security advisoryupdatebuffer overflowFedora 32: FEDORA-2020-dec3658f55 Moderate: libmediainfo Buffer Overflow
Update to 20.09.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-dec3658f55 2020-11-17 01:12:53.296144 --------------------------------------------------------------------------------Name : libmediainfo Product : Fedora 32 Version : 20.09 Release : 1.fc32 URL : https://mediaarea.net/en/MediaInfo Summary : Library for supplies technical and tag information about a video or audio file Description : This package contains the shared library for MediaInfo. MediaInfo supplies technical and tag information about a video or audio file. What information can I get from MediaInfo? * General: title, author, director, album, track number, date, duration... * Video: codec, aspect, fps, bitrate... * Audio: codec, sample rate, channels, language, bitrate... * Text: language of subtitle * Chapters: number of chapters, list of chapters DivX, XviD, H263, H.263, H264, x264, ASP, AVC, iTunes, MPEG-1, MPEG1, MPEG-2, MPEG2, MPEG-4, MPEG4, MP4, M4A, M4V, QuickTime, RealVideo, RealAudio, RA, RM, MSMPEG4v1, MSMPEG4v2, MSMPEG4v3, VOB, DVD, WMA, VMW, ASF, 3GP, 3GPP, 3GP2 What format (container) does MediaInfo support? * Video: MKV, OGM, AVI, DivX, WMV, QuickTime, Real, MPEG-1, MPEG-2, MPEG-4, DVD (VOB) (Codecs: DivX, XviD, MSMPEG4, ASP, H.264, AVC...) * Audio: OGG, MP3, WAV, RA, AC3, DTS, AAC, M4A, AU, AIFF * Subtitles: SRT, SSA, ASS, SAMI --------------------------------------------------------------------------------Update Information: Update to 20.09. --------------------------------------------------------------------------------ChangeLog: * Sat Nov 7 2020 Vasiliy N. Glazov - 20.09-1 - Update to 20.09 --------------------------------------------------------------------------------References: [ 1 ] Bug #1852957 - CVE-2020-15395 mediainfo: Buffer overflow vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1852957 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-dec3658f55' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Nov 16, 2020
Fedora
203
security advisorysecurity updateout-of-boundsMageia: 2020-0047 Moderate: Libmediainfo Out-of-Bounds Read Issues
Out-of-bounds read in function MediaInfoLib:File__Tags_Helper:Synched_Test (CVE-2019-11372). Out-of-bounds read in function File__Analyze:Get_L8 (CVE-2019-11373). . MGASA-2020-0047 - Updated libmediainfo packages fix security vulnerabilities Publication date: 28 Jan 2020 URL: https://advisories.mageia.org/MGASA-2020-0047.html Type: security Affected Mageia releases: 7 CVE: CVE-2019-11372, CVE-2019-11373 Out-of-bounds read in function MediaInfoLib:File__Tags_Helper:Synched_Test (CVE-2019-11372). Out-of-bounds read in function File__Analyze:Get_L8 (CVE-2019-11373). References: - https://bugs.mageia.org/show_bug.cgi?id=25270 - - https://www.cve.org/CVERecord?id=CVE-2019-11372 - https://www.cve.org/CVERecord?id=CVE-2019-11373 SRPMS: - 7/core/libmediainfo-18.12-1.1.mga7 . Mageia 2020-0048 enhances network-manager packages resolving critical security flaws.. Mageia Security Update, Libmediainfo Fix, Out-Of-Bounds Security. . LinuxSecurity.com Team
Jan 28, 2020
Mageia
202
security advisorymoderatesoftware updateopenSUSE: 2019:1889-1 Moderate: libmediainfo Out-Of-Bounds Issue
An update that fixes two vulnerabilities is now available.. openSUSE Security Update: Security update for libmediainfo ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1889-1 Rating: moderate References: #1133156 #1133157 Cross-References: CVE-2019-11372 CVE-2019-11373 Affected Products: openSUSE Backports SLE-15-SP1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for libmediainfo fixes the following issues: * CVE-2019-11373: Fixed out-of-bounds read in function File__Analyze:Get_L8 (boo#1133156) * CVE-2019-11372: Fixed out-of-bounds read in function MediaInfoLib:File__Tags_Helper:Synched_Test (boo#1133157) This update was imported from the openSUSE:Leap:15.0:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP1: zypper in -t patch openSUSE-2019-1889=1 Package List: - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64): libmediainfo-devel-18.03-bp151.4.3.2 libmediainfo0-18.03-bp151.4.3.2 - openSUSE Backports SLE-15-SP1 (aarch64_ilp32): libmediainfo0-64bit-18.03-bp151.4.3.2 References: https://www.suse.com/security/cve/CVE-2019-11372.html https://www.suse.com/security/cve/CVE-2019-11373.html https://bugzilla.suse.com/1133156 https://bugzilla.suse.com/1133157 -- . A critical security notice for openSUSE libmediainfo highlights two vulnerabilities. Ensure you update your system immediately!. openSUSE Security Update, libmediainfo Patch, moderate Threat, out-of-bounds Fixes. . LinuxSecurity.com Team
Aug 14, 2019
OpenSUSE
202
security advisorymoderateupdateopenSUSE: 2019:1658-1 Moderate: libmediainfo Out-Of-Bounds Fixes
An update that fixes two vulnerabilities is now available.. openSUSE Security Update: Security update for libmediainfo ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1658-1 Rating: moderate References: #1133156 #1133157 Cross-References: CVE-2019-11372 CVE-2019-11373 Affected Products: openSUSE Backports SLE-15 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for libmediainfo fixes the following issues: * CVE-2019-11373: Fixed out-of-bounds read in function File__Analyze:Get_L8 (boo#1133156) * CVE-2019-11372: Fixed out-of-bounds read in function MediaInfoLib:File__Tags_Helper:Synched_Test (boo#1133157) This update was imported from the openSUSE:Leap:15.0:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15: zypper in -t patch openSUSE-2019-1658=1 Package List: - openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64): libmediainfo-devel-18.03-bp150.3.6.1 libmediainfo0-18.03-bp150.3.6.1 - openSUSE Backports SLE-15 (aarch64_ilp32): libmediainfo0-64bit-18.03-bp150.3.6.1 References: https://www.suse.com/security/cve/CVE-2019-11372.html https://www.suse.com/security/cve/CVE-2019-11373.html https://bugzilla.suse.com/1133156 https://bugzilla.suse.com/1133157 -- . Addresses two significant security flaws in libmediainfo for openSUSE, providing improved protection and reliability for end users.. Security Update, libmediainfo, openSUSE Patch. . LinuxSecurity.com Team
Jun 27, 2019
OpenSUSE
202
security advisorymoderatesecurity updateopenSUSE Leap: 2019:1629-1 Moderate: libmediainfo Out-Of-Bounds Issues
An update that fixes two vulnerabilities is now available.. openSUSE Security Update: Security update for libmediainfo ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1629-1 Rating: moderate References: #1133156 #1133157 Cross-References: CVE-2019-11372 CVE-2019-11373 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.0 openSUSE Backports SLE-15 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for libmediainfo fixes the following issues: * CVE-2019-11373: Fixed out-of-bounds read in function File__Analyze:Get_L8 (boo#1133156) * CVE-2019-11372: Fixed out-of-bounds read in function MediaInfoLib:File__Tags_Helper:Synched_Test (boo#1133157) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2019-1629=1 - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1629=1 - openSUSE Backports SLE-15: zypper in -t patch openSUSE-2019-1629=1 Package List: - openSUSE Leap 42.3 (i586 x86_64): libmediainfo-debugsource-0.7.96-2.3.1 libmediainfo-devel-0.7.96-2.3.1 libmediainfo0-0.7.96-2.3.1 libmediainfo0-debuginfo-0.7.96-2.3.1 - openSUSE Leap 42.3 (x86_64): libmediainfo0-32bit-0.7.96-2.3.1 libmediainfo0-debuginfo-32bit-0.7.96-2.3.1 - openSUSE Leap 15.0 (i586 x86_64): libmediainfo-debugsource-18.03-lp150.2.3.1 libmediainfo-devel-18.03-lp150.2.3.1 libmediainfo0-18.03-lp150.2.3.1 libmediainfo0-debuginfo-18.03-lp150.2.3.1 - openSUSE Leap 15.0 (x86_64): libmediainfo0-32bit-18.03-lp150.2.3.1 libmediainfo0-32bit-debuginfo-18.03-lp150.2.3.1 - openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64): libmediainfo-devel-18.03-bp150.3.3.1 libmediainfo0-18.03-bp150.3.3.1 - openSUSE Backports SLE-15 (aarch64_ilp32): libmediainfo0-64bit-18.03-bp150.3.3.1 References: https://www.suse.com/security/cve/CVE-2019-11372.html https://www.suse.com/security/cve/CVE-2019-11373.html https://bugzilla.suse.com/1133156 https://bugzilla.suse.com/1133157 -- . Addresses boundary errors in libmediainfo for openSUSE Leap and Backports, classified with a moderate level of severity.. openSUSE, libmediainfo, security update, out-of-bounds, patch. . LinuxSecurity.com Team
Jun 26, 2019
OpenSUSE
89
security advisorysecurity updatefedoraFedora 29: FEDORA-2019-b7cf3236fb Moderate: Libmediainfo Security Fix
Update to 19.04.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-b7cf3236fb 2019-05-25 03:34:29.627706 --------------------------------------------------------------------------------Name : libmediainfo Product : Fedora 29 Version : 19.04 Release : 1.fc29 URL : https://mediaarea.net/en/MediaInfo Summary : Library for supplies technical and tag information about a video or audio file Description : This package contains the shared library for MediaInfo. MediaInfo supplies technical and tag information about a video or audio file. What information can I get from MediaInfo? * General: title, author, director, album, track number, date, duration... * Video: codec, aspect, fps, bitrate... * Audio: codec, sample rate, channels, language, bitrate... * Text: language of subtitle * Chapters: number of chapters, list of chapters DivX, XviD, H263, H.263, H264, x264, ASP, AVC, iTunes, MPEG-1, MPEG1, MPEG-2, MPEG2, MPEG-4, MPEG4, MP4, M4A, M4V, QuickTime, RealVideo, RealAudio, RA, RM, MSMPEG4v1, MSMPEG4v2, MSMPEG4v3, VOB, DVD, WMA, VMW, ASF, 3GP, 3GPP, 3GP2 What format (container) does MediaInfo support? * Video: MKV, OGM, AVI, DivX, WMV, QuickTime, Real, MPEG-1, MPEG-2, MPEG-4, DVD (VOB) (Codecs: DivX, XviD, MSMPEG4, ASP, H.264, AVC...) * Audio: OGG, MP3, WAV, RA, AC3, DTS, AAC, M4A, AU, AIFF * Subtitles: SRT, SSA, ASS, SAMI --------------------------------------------------------------------------------Update Information: Update to 19.04. --------------------------------------------------------------------------------ChangeLog: * Wed Apr 24 2019 Vasiliy N. Glazov - 19.04-1 - Update to 19.04 * Mon Apr 22 2019 Vasiliy N. Glazov - 18.12-3 - Fix CVE-2019-11372 * Fri Feb 1 2019 Fedora Release Engineering - 18.12-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Dec 13 2018 Vasiliy N. Glazov - 18.12-1 - Update to 18.12 * Tue Nov 27 2018Igor Gnatenko - 18.08.1-2 - Rebuild for tinyxml2 7.x --------------------------------------------------------------------------------References: [ 1 ] Bug #1701845 - CVE-2019-11372 CVE-2019-11373 mediainfo: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1701845 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-b7cf3236fb' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
May 24, 2019
•Important
Fedora
89
security advisorysecurity updateFedoraFedora 28: FEDORA-2019-7155125125 Moderate: libmediainfo Update
Update to 19.04.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-7155125125 2019-05-25 01:10:26.463302 --------------------------------------------------------------------------------Name : libmediainfo Product : Fedora 28 Version : 19.04 Release : 1.fc28 URL : https://mediaarea.net/en/MediaInfo Summary : Library for supplies technical and tag information about a video or audio file Description : This package contains the shared library for MediaInfo. MediaInfo supplies technical and tag information about a video or audio file. What information can I get from MediaInfo? * General: title, author, director, album, track number, date, duration... * Video: codec, aspect, fps, bitrate... * Audio: codec, sample rate, channels, language, bitrate... * Text: language of subtitle * Chapters: number of chapters, list of chapters DivX, XviD, H263, H.263, H264, x264, ASP, AVC, iTunes, MPEG-1, MPEG1, MPEG-2, MPEG2, MPEG-4, MPEG4, MP4, M4A, M4V, QuickTime, RealVideo, RealAudio, RA, RM, MSMPEG4v1, MSMPEG4v2, MSMPEG4v3, VOB, DVD, WMA, VMW, ASF, 3GP, 3GPP, 3GP2 What format (container) does MediaInfo support? * Video: MKV, OGM, AVI, DivX, WMV, QuickTime, Real, MPEG-1, MPEG-2, MPEG-4, DVD (VOB) (Codecs: DivX, XviD, MSMPEG4, ASP, H.264, AVC...) * Audio: OGG, MP3, WAV, RA, AC3, DTS, AAC, M4A, AU, AIFF * Subtitles: SRT, SSA, ASS, SAMI --------------------------------------------------------------------------------Update Information: Update to 19.04. --------------------------------------------------------------------------------ChangeLog: * Wed Apr 24 2019 Vasiliy N. Glazov - 19.04-1 - Update to 19.04 * Mon Apr 22 2019 Vasiliy N. Glazov - 18.12-3 - Fix CVE-2019-11372 * Fri Feb 1 2019 Fedora Release Engineering - 18.12-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Dec 13 2018 Vasiliy N. Glazov - 18.12-1 - Update to 18.12 * Tue Nov 27 2018Igor Gnatenko - 18.08.1-2 - Rebuild for tinyxml2 7.x * Tue Sep 11 2018 Vasiliy N. Glazov - 18.08.1-1 - Update to 18.08.1 * Mon Sep 3 2018 Vasiliy N. Glazov - 18.08-1 - Update to 18.08 * Fri Jul 13 2018 Fedora Release Engineering - 18.05-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Thu May 10 2018 Vasiliy N. Glazov - 18.05-1 - Update to 18.05 --------------------------------------------------------------------------------References: [ 1 ] Bug #1701845 - CVE-2019-11372 CVE-2019-11373 mediainfo: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1701845 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-7155125125' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
May 24, 2019
•Important
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!