|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2019-655994894e (freeimage)



From:
              updates@fedoraproject.org 


To:
              package-announce@lists.fedoraproject.org 


Subject:
              [SECURITY] Fedora 31 Update: freeimage-3.18.0-6.fc31 


Date:
              Wed, 27 Nov 2019 00:25:08 +0000 (UTC)


Message-ID:
              <20191127002508.85B1D601EA34@bastion01.phx2.fedoraproject.org>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-655994894e
2019-11-27 00:22:45.362861
--------------------------------------------------------------------------------

Name        : freeimage
Product     : Fedora 31
Version     : 3.18.0
Release     : 6.fc31
URL         : http://freeimage.sourceforge.net/
Summary     : Multi-format image decoder library
Description :
FreeImage is a library for developers who would like to support popular
graphics image formats like PNG, BMP, JPEG, TIFF and others as needed by
today's multimedia applications.

--------------------------------------------------------------------------------
Update Information:

Backport fixes for CVE-2019-12211 and 2019-12213
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 17 2019 Sandro Mani <manisandro@gmail.com> - 3.18.0-6
- Backport fixes for CVE-2019-12211 and 2019-12213
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1732246 - CVE-2019-12211 freeimage: heap-based buffer overflow in PluginTIFF.cpp
[fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1732246
  [ 2 ] Bug #1732232 - CVE-2019-12213 freeimage: stack exhaustion in function TIFFReadDirectory in
PluginTIFF.cpp [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1732232
  [ 3 ] Bug #1732247 - CVE-2019-12211 mingw-freeimage: freeimage: heap-based buffer overflow in
PluginTIFF.cpp [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1732247
  [ 4 ] Bug #1732233 - CVE-2019-12213 mingw-freeimage: freeimage: stack exhaustion in function
TIFFReadDirectory in PluginTIFF.cpp [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1732233
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-655994894e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgr...

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond...
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/package-ann...
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds