--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2007-1774
2007-08-23 22:40:53.379091
--------------------------------------------------------------------------------Name        : id3lib
Product     : Fedora 7
Version     : 3.8.3
Release     : 17.fc7
Summary     : Library for manipulating ID3v1 and ID3v2 tags
Description :
This package provides a software library for manipulating ID3v1 and
ID3v2 tags. It provides a convenient interface for software developers
to include standards-compliant ID3v1/2 tagging capabilities in their
applications. Features include identification of valid tags, automatic
size conversions, (re)synchronisation of tag frames, seamless tag
(de)compression, and optional padding facilities. Additionally, it can
tell mp3 header info, like bitrate etc.

--------------------------------------------------------------------------------Update Information:

This security update fixes a (minor) tempfile creation security issue (CVE-2007-4460) by using mkstemp (bugzilla 253553)

--------------------------------------------------------------------------------ChangeLog:

* Mon Aug 20 2007 Hans de Goede  3.8.3-17
- Use mkstemp instead of insecure tempfile creation (bz 253553)
* Mon Aug 13 2007 Hans de Goede  3.8.3-16
- Update License tag for new Licensing Guidelines compliance
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #253553
        https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=253553
  [ 2 ] CVE-2007-4460
        --------------------------------------------------------------------------------Updated packages:

e6b3087e4bbf2dfa8dd88f41b6ea9877992e386f id3lib-3.8.3-17.fc7.ppc64.rpm
5dbd4f22a208836933133c1c0fb241c939394dc0 id3lib-debuginfo-3.8.3-17.fc7.ppc64.rpm
6be196648013797251adfeaae6b52720c25f94d4 id3lib-devel-3.8.3-17.fc7.ppc64.rpm
c4cc4c16f97561fae3a5f70330ab7964c1640969 id3lib-3.8.3-17.fc7.i386.rpm
2b5ae4415358b2c59247b264b3b1d1a99cbd2b9a id3lib-devel-3.8.3-17.fc7.i386.rpm
0f2544b47b544b9e8ca54e19c21ed2b2b3a210d4 id3lib-debuginfo-3.8.3-17.fc7.i386.rpm
037f38b2988545ad440c5174a7313c4fec58f0f1 id3lib-debuginfo-3.8.3-17.fc7.x86_64.rpm
ab54ab72585de3a83ef4b7502e04e57dfe6e4ab7 id3lib-3.8.3-17.fc7.x86_64.rpm
e167543feb1561e259edbcc0e49cf63487ed2eb1 id3lib-devel-3.8.3-17.fc7.x86_64.rpm
f836a7b9b33c183fc6009d611c1efd1dee4a0876 id3lib-3.8.3-17.fc7.ppc.rpm
7e2badfdca50550fdf15d0f467d4c5e4843a7e7b id3lib-debuginfo-3.8.3-17.fc7.ppc.rpm
cdfa2d1d118b41d394278f4330a63f7b47bf46ea id3lib-devel-3.8.3-17.fc7.ppc.rpm
3a9864090c09df3d7aa82eeacb6adaff2ec19592 id3lib-3.8.3-17.fc7.src.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at .
--------------------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 7 Update: id3lib-3.8.3-17.fc7

August 27, 2007
This security update fixes a (minor) tempfile creation security issue (CVE-2007-4460) by using mkstemp (bugzilla 253553)

Summary

This package provides a software library for manipulating ID3v1 and

ID3v2 tags. It provides a convenient interface for software developers

to include standards-compliant ID3v1/2 tagging capabilities in their

applications. Features include identification of valid tags, automatic

size conversions, (re)synchronisation of tag frames, seamless tag

(de)compression, and optional padding facilities. Additionally, it can

tell mp3 header info, like bitrate etc.

This security update fixes a (minor) tempfile creation security issue (CVE-2007-4460) by using mkstemp (bugzilla 253553)

* Mon Aug 20 2007 Hans de Goede 3.8.3-17

- Use mkstemp instead of insecure tempfile creation (bz 253553)

* Mon Aug 13 2007 Hans de Goede 3.8.3-16

- Update License tag for new Licensing Guidelines compliance

[ 1 ] Bug #253553

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=253553

[ 2 ] CVE-2007-4460

e6b3087e4bbf2dfa8dd88f41b6ea9877992e386f id3lib-3.8.3-17.fc7.ppc64.rpm

5dbd4f22a208836933133c1c0fb241c939394dc0 id3lib-debuginfo-3.8.3-17.fc7.ppc64.rpm

6be196648013797251adfeaae6b52720c25f94d4 id3lib-devel-3.8.3-17.fc7.ppc64.rpm

c4cc4c16f97561fae3a5f70330ab7964c1640969 id3lib-3.8.3-17.fc7.i386.rpm

2b5ae4415358b2c59247b264b3b1d1a99cbd2b9a id3lib-devel-3.8.3-17.fc7.i386.rpm

0f2544b47b544b9e8ca54e19c21ed2b2b3a210d4 id3lib-debuginfo-3.8.3-17.fc7.i386.rpm

037f38b2988545ad440c5174a7313c4fec58f0f1 id3lib-debuginfo-3.8.3-17.fc7.x86_64.rpm

ab54ab72585de3a83ef4b7502e04e57dfe6e4ab7 id3lib-3.8.3-17.fc7.x86_64.rpm

e167543feb1561e259edbcc0e49cf63487ed2eb1 id3lib-devel-3.8.3-17.fc7.x86_64.rpm

f836a7b9b33c183fc6009d611c1efd1dee4a0876 id3lib-3.8.3-17.fc7.ppc.rpm

7e2badfdca50550fdf15d0f467d4c5e4843a7e7b id3lib-debuginfo-3.8.3-17.fc7.ppc.rpm

cdfa2d1d118b41d394278f4330a63f7b47bf46ea id3lib-devel-3.8.3-17.fc7.ppc.rpm

3a9864090c09df3d7aa82eeacb6adaff2ec19592 id3lib-3.8.3-17.fc7.src.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2007-1774 2007-08-23 22:40:53.379091 Product : Fedora 7 Version : 3.8.3 Release : 17.fc7 Summary : Library for manipulating ID3v1 and ID3v2 tags Description : This package provides a software library for manipulating ID3v1 and ID3v2 tags. It provides a convenient interface for software developers to include standards-compliant ID3v1/2 tagging capabilities in their applications. Features include identification of valid tags, automatic size conversions, (re)synchronisation of tag frames, seamless tag (de)compression, and optional padding facilities. Additionally, it can tell mp3 header info, like bitrate etc. This security update fixes a (minor) tempfile creation security issue (CVE-2007-4460) by using mkstemp (bugzilla 253553) * Mon Aug 20 2007 Hans de Goede 3.8.3-17 - Use mkstemp instead of insecure tempfile creation (bz 253553) * Mon Aug 13 2007 Hans de Goede 3.8.3-16 - Update License tag for new Licensing Guidelines compliance [ 1 ] Bug #253553 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=253553 [ 2 ] CVE-2007-4460 e6b3087e4bbf2dfa8dd88f41b6ea9877992e386f id3lib-3.8.3-17.fc7.ppc64.rpm 5dbd4f22a208836933133c1c0fb241c939394dc0 id3lib-debuginfo-3.8.3-17.fc7.ppc64.rpm 6be196648013797251adfeaae6b52720c25f94d4 id3lib-devel-3.8.3-17.fc7.ppc64.rpm c4cc4c16f97561fae3a5f70330ab7964c1640969 id3lib-3.8.3-17.fc7.i386.rpm 2b5ae4415358b2c59247b264b3b1d1a99cbd2b9a id3lib-devel-3.8.3-17.fc7.i386.rpm 0f2544b47b544b9e8ca54e19c21ed2b2b3a210d4 id3lib-debuginfo-3.8.3-17.fc7.i386.rpm 037f38b2988545ad440c5174a7313c4fec58f0f1 id3lib-debuginfo-3.8.3-17.fc7.x86_64.rpm ab54ab72585de3a83ef4b7502e04e57dfe6e4ab7 id3lib-3.8.3-17.fc7.x86_64.rpm e167543feb1561e259edbcc0e49cf63487ed2eb1 id3lib-devel-3.8.3-17.fc7.x86_64.rpm f836a7b9b33c183fc6009d611c1efd1dee4a0876 id3lib-3.8.3-17.fc7.ppc.rpm 7e2badfdca50550fdf15d0f467d4c5e4843a7e7b id3lib-debuginfo-3.8.3-17.fc7.ppc.rpm cdfa2d1d118b41d394278f4330a63f7b47bf46ea id3lib-devel-3.8.3-17.fc7.ppc.rpm 3a9864090c09df3d7aa82eeacb6adaff2ec19592 id3lib-3.8.3-17.fc7.src.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Product : Fedora 7
Version : 3.8.3
Release : 17.fc7
Summary : Library for manipulating ID3v1 and ID3v2 tags

Related News

4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved