User: Password:
Subscribe / Log in / New account

Fedora alert FEDORA-2013-16989 (nas)

Subject:  [SECURITY] Fedora 18 Update: nas-1.9.3-4.fc18
Date:  Fri, 27 Sep 2013 00:40:24 +0000
Message-ID:  <>
Archive-link:  Article, Thread

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-16989 2013-09-18 11:39:33 -------------------------------------------------------------------------------- Name : nas Product : Fedora 18 Version : 1.9.3 Release : 4.fc18 URL : Summary : The Network Audio System (NAS) Description : In a nutshell, NAS is the audio equivalent of an X display server. The Network Audio System (NAS) was developed by NCD for playing, recording, and manipulating audio data over a network. Like the X Window System, it uses the client/server model to separate applications from the specific drivers that control audio input and output devices. Key features of the Network Audio System include: o Device-independent audio over the network o Lots of audio file and data formats o Can store sounds in server for rapid replay o Extensive mixing, separating, and manipulation of audio data o Simultaneous use of audio devices by multiple applications o Use by a growing number of ISVs o Small size o Free! No obnoxious licensing terms -------------------------------------------------------------------------------- Update Information: This release fixes four security bugs: buffer overflow when parsing display number (CVE-2013-4256), heap overflow when processing AUDIOHOST variable (CVE-2013-4257), formatting string for syslog call (CVE-2013-4258), and a race when opening a TCP device. -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 16 2013 Petr Pisar <> - 1.9.3-4 - Fix CVE-2013-4258 (formatting string for syslog call) (bug #1006753) - Fix CVE-2013-4256 (parsing display number) (bug #1006753) - Fix CVE-2013-4257 (heap overflow when processing AUDIOHOST variable) (bug #1006753) - Fix race when opening a TCP device (bug #1006753) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1006752 - nas: multiple vulnerabilities -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update nas' at the command line. For more information, refer to "Managing Software with yum", available at All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds