Multiple vulnerabilities have been found in MediaInfo and MediaInfoLib, the worst of which could allow user-assisted remote code execution.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202405-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: MediaInfo, MediaInfoLib: Multiple Vulnerabilities
     Date: May 04, 2024
     Bugs: #778992, #836564, #875374, #917612
       ID: 202405-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in MediaInfo and MediaInfoLib,
the worst of which could allow user-assisted remote code execution.

Background
==========

MediaInfo supplies technical and tag information about media files.
MediaInfoLib contains MediaInfo libraries.

Affected packages
=================

Package                  Vulnerable    Unaffected
-----------------------  ------------  ------------
media-libs/libmediainfo  < 23.10       >= 23.10
media-video/mediainfo    < 23.10       >= 23.10

Description
===========

Multiple vulnerabilities have been discovered in MediaInfo and
MediaInfoLib. Please review the CVE identifiers referenced below for
details.

Impact
======

Please review the referenced CVE identifiers for details.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All MediaInfo users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=media-video/mediainfo-23.10"

All MediaInfoLib users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=media-libs/libmediainfo-23.10"

References
==========

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202405-09

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to

Update mediainfo.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-3b67623d93
2021-04-06 01:03:31.227619
--------------------------------------------------------------------------------

Name        : mediainfo
Product     : Fedora 33
Version     : 21.03
Release     : 1.fc33
URL         : https://mediaarea.net/en/MediaInfo
Summary     : Supplies technical and tag information about a video or audio file (CLI)
Description :
MediaInfo CLI (Command Line Interface).

What information can I get from MediaInfo?
* General: title, author, director, album, track number, date, duration...
* Video: codec, aspect, fps, bitrate...
* Audio: codec, sample rate, channels, language, bitrate...
* Text: language of subtitle
* Chapters: number of chapters, list of chapters

DivX, XviD, H263, H.263, H264, x264, ASP, AVC, iTunes, MPEG-1,
MPEG1, MPEG-2, MPEG2, MPEG-4, MPEG4, MP4, M4A, M4V, QuickTime,
RealVideo, RealAudio, RA, RM, MSMPEG4v1, MSMPEG4v2, MSMPEG4v3,
VOB, DVD, WMA, VMW, ASF, 3GP, 3GPP, 3GP2

What format (container) does MediaInfo support?
* Video: MKV, OGM, AVI, DivX, WMV, QuickTime, Real, MPEG-1,
  MPEG-2, MPEG-4, DVD (VOB) (Codecs: DivX, XviD, MSMPEG4, ASP,
  H.264, AVC...)
* Audio: OGG, MP3, WAV, RA, AC3, DTS, AAC, M4A, AU, AIFF
* Subtitles: SRT, SSA, ASS, S-MI

--------------------------------------------------------------------------------
Update Information:

Update mediainfo.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar 28 2021 Vasiliy N. Glazov - 21.03-1
- Update to 21.03
* Tue Jan 26 2021 Fedora Release Engineering - 20.09-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1940984 - CVE-2020-26797 mediainfo: heap-based buffer overflow via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1940984
  [ 2 ] Bug #1940986 - CVE-2020-26797 libmediainfo: mediainfo: heap-based buffer overflow via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1940986
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-3b67623d93' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list --

Update mediainfo.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-3b67623d93
2021-04-06 01:03:31.227619
--------------------------------------------------------------------------------

Name        : libzen
Product     : Fedora 33
Version     : 0.4.39
Release     : 1.fc33
URL         : https://github.com/MediaArea/ZenLib
Summary     : Shared library for libmediainfo and medianfo*
Description :
Files shared library for libmediainfo and medianfo-*.

--------------------------------------------------------------------------------
Update Information:

Update mediainfo.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar 28 2021 Vasiliy N. Glazov - 0.4.39-1
- Update to 0.4.39
* Tue Jan 26 2021 Fedora Release Engineering - 0.4.38-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1940984 - CVE-2020-26797 mediainfo: heap-based buffer overflow via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1940984
  [ 2 ] Bug #1940986 - CVE-2020-26797 libmediainfo: mediainfo: heap-based buffer overflow via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1940986
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-3b67623d93' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing) (CVE-2020-15395).

MGASA-2021-0134 - Updated mediainfo packages fix a security vulnerability

Publication date: 14 Mar 2021
URL: https://advisories.mageia.org/MGASA-2021-0134.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-15395

In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer
over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an
off-by-one during MpegPs parsing) (CVE-2020-15395).

References:
- https://bugs.mageia.org/show_bug.cgi?id=27626
- https://lists.fedoraproject.org/archives/list/

Update to 20.09.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-dec3658f55
2020-11-17 01:12:53.296144
--------------------------------------------------------------------------------

Name        : mediainfo
Product     : Fedora 32
Version     : 20.09
Release     : 1.fc32
URL         : https://mediaarea.net/en/MediaInfo
Summary     : Supplies technical and tag information about a video or audio file (CLI)
Description :
MediaInfo CLI (Command Line Interface).

What information can I get from MediaInfo?
* General: title, author, director, album, track number, date, duration...
* Video: codec, aspect, fps, bitrate...
* Audio: codec, sample rate, channels, language, bitrate...
* Text: language of subtitle
* Chapters: number of chapters, list of chapters

DivX, XviD, H263, H.263, H264, x264, ASP, AVC, iTunes, MPEG-1,
MPEG1, MPEG-2, MPEG2, MPEG-4, MPEG4, MP4, M4A, M4V, QuickTime,
RealVideo, RealAudio, RA, RM, MSMPEG4v1, MSMPEG4v2, MSMPEG4v3,
VOB, DVD, WMA, VMW, ASF, 3GP, 3GPP, 3GP2

What format (container) does MediaInfo support?
* Video: MKV, OGM, AVI, DivX, WMV, QuickTime, Real, MPEG-1,
  MPEG-2, MPEG-4, DVD (VOB) (Codecs: DivX, XviD, MSMPEG4, ASP,
  H.264, AVC...)
* Audio: OGG, MP3, WAV, RA, AC3, DTS, AAC, M4A, AU, AIFF
* Subtitles: SRT, SSA, ASS, S-MI

--------------------------------------------------------------------------------
Update Information:

Update to 20.09.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Nov 7 2020 Vasiliy N. Glazov - 20.09-1
- Update to 20.09
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1852957 - CVE-2020-15395 mediainfo: Buffer overflow vulnerability [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1852957
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-dec3658f55' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------

Update to 19.04.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-b7cf3236fb
2019-05-25 03:34:29.627706
--------------------------------------------------------------------------------

Name        : mediainfo
Product     : Fedora 29
Version     : 19.04
Release     : 1.fc29
URL         : https://mediaarea.net/en/MediaInfo
Summary     : Supplies technical and tag information about a video or audio file (CLI)
Description :
MediaInfo CLI (Command Line Interface).

What information can I get from MediaInfo?
* General: title, author, director, album, track number, date, duration...
* Video: codec, aspect, fps, bitrate...
* Audio: codec, sample rate, channels, language, bitrate...
* Text: language of subtitle
* Chapters: number of chapters, list of chapters

DivX, XviD, H263, H.263, H264, x264, ASP, AVC, iTunes, MPEG-1,
MPEG1, MPEG-2, MPEG2, MPEG-4, MPEG4, MP4, M4A, M4V, QuickTime,
RealVideo, RealAudio, RA, RM, MSMPEG4v1, MSMPEG4v2, MSMPEG4v3,
VOB, DVD, WMA, VMW, ASF, 3GP, 3GPP, 3GP2

What format (container) does MediaInfo support?
* Video: MKV, OGM, AVI, DivX, WMV, QuickTime, Real, MPEG-1,
  MPEG-2, MPEG-4, DVD (VOB) (Codecs: DivX, XviD, MSMPEG4, ASP,
  H.264, AVC...)
* Audio: OGG, MP3, WAV, RA, AC3, DTS, AAC, M4A, AU, AIFF
* Subtitles: SRT, SSA, ASS, S-MI

--------------------------------------------------------------------------------
Update Information:

Update to 19.04.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 24 2019 Vasiliy N. Glazov - 19.04-1
- Update to 19.04
* Fri Feb 1 2019 Fedora Release Engineering - 18.12-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Dec 13 2018 Vasiliy N. Glazov - 18.12-1
- Update to 18.12
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1701845 - CVE-2019-11372 CVE-2019-11373 mediainfo: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1701845
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-b7cf3236fb' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Update to 19.04.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-7155125125
2019-05-25 01:10:26.463302
--------------------------------------------------------------------------------

Name        : mediainfo
Product     : Fedora 28
Version     : 19.04
Release     : 1.fc28
URL         : https://mediaarea.net/en/MediaInfo
Summary     : Supplies technical and tag information about a video or audio file (CLI)
Description :
MediaInfo CLI (Command Line Interface).

What information can I get from MediaInfo?
* General: title, author, director, album, track number, date, duration...
* Video: codec, aspect, fps, bitrate...
* Audio: codec, sample rate, channels, language, bitrate...
* Text: language of subtitle
* Chapters: number of chapters, list of chapters

DivX, XviD, H263, H.263, H264, x264, ASP, AVC, iTunes, MPEG-1,
MPEG1, MPEG-2, MPEG2, MPEG-4, MPEG4, MP4, M4A, M4V, QuickTime,
RealVideo, RealAudio, RA, RM, MSMPEG4v1, MSMPEG4v2, MSMPEG4v3,
VOB, DVD, WMA, VMW, ASF, 3GP, 3GPP, 3GP2

What format (container) does MediaInfo support?
* Video: MKV, OGM, AVI, DivX, WMV, QuickTime, Real, MPEG-1,
  MPEG-2, MPEG-4, DVD (VOB) (Codecs: DivX, XviD, MSMPEG4, ASP,
  H.264, AVC...)
* Audio: OGG, MP3, WAV, RA, AC3, DTS, AAC, M4A, AU, AIFF
* Subtitles: SRT, SSA, ASS, S-MI

--------------------------------------------------------------------------------
Update Information:

Update to 19.04.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 24 2019 Vasiliy N. Glazov - 19.04-1
- Update to 19.04
* Fri Feb 1 2019 Fedora Release Engineering - 18.12-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Dec 13 2018 Vasiliy N. Glazov - 18.12-1
- Update to 18.12
* Tue Sep 11 2018 Vasiliy N. Glazov - 18.08.1-1
- Update to 18.08.1
* Mon Sep 3 2018 Vasiliy N. Glazov - 18.08-1
- Update to 18.08
* Fri Jul 13 2018 Fedora Release Engineering - 18.05-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jul 10 2018 Scott Talbert - 18.05-2
- Rebuild with wxWidgets 3.0
* Thu May 10 2018 Vasiliy N. Glazov - 18.05-1
- Update to 18.05
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1701845 - CVE-2019-11372 CVE-2019-11373 mediainfo: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1701845
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-7155125125' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Update to 19.04.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-1736c1268d
2019-05-25 01:04:18.279190
--------------------------------------------------------------------------------

Name        : mediainfo
Product     : Fedora 30
Version     : 19.04
Release     : 1.fc30
URL         : https://mediaarea.net/en/MediaInfo
Summary     : Supplies technical and tag information about a video or audio file (CLI)
Description :
MediaInfo CLI (Command Line Interface).

What information can I get from MediaInfo?
* General: title, author, director, album, track number, date, duration...
* Video: codec, aspect, fps, bitrate...
* Audio: codec, sample rate, channels, language, bitrate...
* Text: language of subtitle
* Chapters: number of chapters, list of chapters

DivX, XviD, H263, H.263, H264, x264, ASP, AVC, iTunes, MPEG-1,
MPEG1, MPEG-2, MPEG2, MPEG-4, MPEG4, MP4, M4A, M4V, QuickTime,
RealVideo, RealAudio, RA, RM, MSMPEG4v1, MSMPEG4v2, MSMPEG4v3,
VOB, DVD, WMA, VMW, ASF, 3GP, 3GPP, 3GP2

What format (container) does MediaInfo support?
* Video: MKV, OGM, AVI, DivX, WMV, QuickTime, Real, MPEG-1,
  MPEG-2, MPEG-4, DVD (VOB) (Codecs: DivX, XviD, MSMPEG4, ASP,
  H.264, AVC...)
* Audio: OGG, MP3, WAV, RA, AC3, DTS, AAC, M4A, AU, AIFF
* Subtitles: SRT, SSA, ASS, S-MI

--------------------------------------------------------------------------------
Update Information:

Update to 19.04.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 24 2019 Vasiliy N. Glazov - 19.04-1
- Update to 19.04
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1701845 - CVE-2019-11372 CVE-2019-11373 mediainfo: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1701845
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-1736c1268d' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------