Fedora Legacy Test Update Notification: grip

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2005-152919
Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152919
2005-06-20
---------------------------------------------------------------------

Name        : grip
Versions    : rh73: grip-2.96-2.2.legacy
Versions    : rh9: grip-3.0.4-5.2.legacy
Versions    : fc1: grip-3.0.7-3.2.legacy
Summary     : A front-end for CD rippers and Ogg Vorbis encoders.
Description :
Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and
cdda2wav) and Ogg Vorbis encoders. Grip allows you to rip entire tracks or
just a section of a track. Grip supports the CDDB protocol for
accessing track information on disc database servers.

---------------------------------------------------------------------
Update Information:

A new grip package is available that fixes a remote buffer overflow.

Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and
cdda2wav) and Ogg Vorbis encoders.

Dean Brettle discovered a buffer overflow bug in the way grip handles
data returned by CDDB servers. It is possible that if a user connects to
a malicious CDDB server, an attacker could execute arbitrary code on the
victim's machine. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0706 to this issue.

Users of grip should upgrade to this updated package, which
contains a backported patch, and is not vulnerable to this issue.

---------------------------------------------------------------------
Changelogs

rh73:
* Sun Jun 19 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
2.96-2.2.legacy
- Added missing gtk+-devel BuildRequires

* Sat Jun 11 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
2.96-2.1.legacy
- Added patch for CAN-2005-0706

rh9:
* Sun Jun 19 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
1:3.0.4-5.2.legacy
- Added missing gnome-libs-devel, desktop-file-utils and
  cdparanoia-devel BuildPrereq

* Sat Jun 11 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
1:3.0.4-5.1.legacy
- Added patch for CAN-2005-0706

fc1:
* Sun Jun 19 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
1:3.0.7-3.2.legacy
- Added explicit autoconf213 BuildPrereq
- Added missing gnome-libs-devel, desktop-file-utils
  and cdparanoia-devel to BuildPrereq

* Sat Jun 11 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
1:3.0.7-3.1.legacy
- Added patch for CAN-2005-0706

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedoralegacy.org/
(sha1sums)

rh73:
d304e1b6737a081db63277d864729dc75064e8c5
redhat/7.3/updates-testing/i386/grip-2.96-2.2.legacy.i386.rpm
e650eb59926bc2778f43f585f5753f9e534dbd39
redhat/7.3/updates-testing/SRPMS/grip-2.96-2.2.legacy.src.rpm

rh9:
3d8746899f009548ad85b4ac1c433c2adb900ccb
redhat/9/updates-testing/i386/grip-3.0.4-5.2.legacy.i386.rpm
4c7f62387193fd9611f1a18ca670733e5351cb38
redhat/9/updates-testing/SRPMS/grip-3.0.4-5.2.legacy.src.rpm

fc1:
fb4889f36ad3696857c815100e81fc23cc623479
fedora/1/updates-testing/i386/grip-3.0.7-3.2.legacy.i386.rpm
fde89cd9de6717ccd7f42c8f54b33fb5f91d23ad
fedora/1/updates-testing/SRPMS/grip-3.0.7-3.2.legacy.src.rpm

---------------------------------------------------------------------

Please test and comment in bugzilla.

Attachment: signature.asc
Description: OpenPGP digital signature

--

fedora-legacy-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-legacy-list

[Index of Archives]     [Fedora Development]     [Fedora Announce]     [Fedora Legacy Announce]     [Fedora Config]     [PAM]     [Fedora General Discussion]     [Big List of Linux Books]     [Gimp]     [Yosemite Questions]

  Powered by Linux