LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 15th, 2014
Linux Security Week: September 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Fedora 7 Update: id3lib-3.8.3-17.fc7 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Fedora This security update fixes a (minor) tempfile creation security issue (CVE-2007-4460) by using mkstemp (bugzilla 253553)
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-1774
2007-08-23 22:40:53.379091
--------------------------------------------------------------------------------

Name        : id3lib
Product     : Fedora 7
Version     : 3.8.3
Release     : 17.fc7
Summary     : Library for manipulating ID3v1 and ID3v2 tags
Description :
This package provides a software library for manipulating ID3v1 and
ID3v2 tags. It provides a convenient interface for software developers
to include standards-compliant ID3v1/2 tagging capabilities in their
applications. Features include identification of valid tags, automatic
size conversions, (re)synchronisation of tag frames, seamless tag
(de)compression, and optional padding facilities. Additionally, it can
tell mp3 header info, like bitrate etc.

--------------------------------------------------------------------------------
Update Information:

This security update fixes a (minor) tempfile creation security issue (CVE-2007-4460) by using mkstemp (bugzilla 253553)

--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug 20 2007 Hans de Goede  3.8.3-17
- Use mkstemp instead of insecure tempfile creation (bz 253553)
* Mon Aug 13 2007 Hans de Goede  3.8.3-16
- Update License tag for new Licensing Guidelines compliance
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #253553
        https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=253553
  [ 2 ] CVE-2007-4460
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4460
--------------------------------------------------------------------------------
Updated packages:

e6b3087e4bbf2dfa8dd88f41b6ea9877992e386f id3lib-3.8.3-17.fc7.ppc64.rpm
5dbd4f22a208836933133c1c0fb241c939394dc0 id3lib-debuginfo-3.8.3-17.fc7.ppc64.rpm
6be196648013797251adfeaae6b52720c25f94d4 id3lib-devel-3.8.3-17.fc7.ppc64.rpm
c4cc4c16f97561fae3a5f70330ab7964c1640969 id3lib-3.8.3-17.fc7.i386.rpm
2b5ae4415358b2c59247b264b3b1d1a99cbd2b9a id3lib-devel-3.8.3-17.fc7.i386.rpm
0f2544b47b544b9e8ca54e19c21ed2b2b3a210d4 id3lib-debuginfo-3.8.3-17.fc7.i386.rpm
037f38b2988545ad440c5174a7313c4fec58f0f1 id3lib-debuginfo-3.8.3-17.fc7.x86_64.rpm
ab54ab72585de3a83ef4b7502e04e57dfe6e4ab7 id3lib-3.8.3-17.fc7.x86_64.rpm
e167543feb1561e259edbcc0e49cf63487ed2eb1 id3lib-devel-3.8.3-17.fc7.x86_64.rpm
f836a7b9b33c183fc6009d611c1efd1dee4a0876 id3lib-3.8.3-17.fc7.ppc.rpm
7e2badfdca50550fdf15d0f467d4c5e4843a7e7b id3lib-debuginfo-3.8.3-17.fc7.ppc.rpm
cdfa2d1d118b41d394278f4330a63f7b47bf46ea id3lib-devel-3.8.3-17.fc7.ppc.rpm
3a9864090c09df3d7aa82eeacb6adaff2ec19592 id3lib-3.8.3-17.fc7.src.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Today's Security Hacks Are After More Than Bank Info
How Boston Children's Hospital Hit Back at Anonymous
SNMP DDoS Scans Spoof Google Public DNS Server
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.