Lector de Feeds
Documentação-pt-BR
Canais_de_IRC_do_Mageia_na_Liberachat-pt-BR
← Older revision Revision as of 12:42, 7 February 2025 Line 59: Line 59: *[[Como_criar_uma_página_wiki-pt-BR|Como escrever uma página wiki]] *[[Como_criar_uma_página_wiki-pt-BR|Como escrever uma página wiki]] *[[Robôs_do_IRC-pt-BR|Robôs do IRC]] *[[Robôs_do_IRC-pt-BR|Robôs do IRC]] −*[[Mageia IRC Channels Liberachat|Canais de IRC do Mageia na Liberachat]]+*[[Canais_de_IRC_do_Mageia_na_Liberachat-pt-BR|Canais de IRC do Mageia na Liberachat]] *[[Mageia.org user account|Conta de usuário do Mageia.org]] *[[Mageia.org user account|Conta de usuário do Mageia.org]] *[[Mailing lists|Lista de discussão]] *[[Mailing lists|Lista de discussão]] Xgrind
Categorías: Wiki de Mageia
MGASA-2025-0040 - Updated gstreamer1.0, gstreamer1.0-plugins-base & gstreamer1.0-plugins-good packages fix security vulnerabilities
Publication date: 06 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-47537 , CVE-2024-47538 , CVE-2024-47539 , CVE-2024-47540 , CVE-2024-47541 , CVE-2024-47542 , CVE-2024-47543 , CVE-2024-47544 , CVE-2024-47545 , CVE-2024-47546 , CVE-2024-47596 , CVE-2024-47597 , CVE-2024-47598 , CVE-2024-47599 , CVE-2024-47600 , CVE-2024-47601 , CVE-2024-47602 Description GStreamer has an OOB-write in isomp4/qtdemux.c. (CVE-2024-47537) GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet. (CVE-2024-47538) GStreamer has an OOB-write in convert_to_s334_1a. (CVE-2024-47539) GStreamer uses uninitialized stack memory in Matroska/WebM demuxer. (CVE-2024-47540) GStreamer has an out-of-bounds write in SSA subtitle parser. (CVE-2024-47541) GStreamer ID3v2 parser out-of-bounds read and NULL-pointer dereference. (CVE-2024-47542) GStreamer has an OOB-read in qtdemux_parse_container. (CVE-2024-47543) GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handling. (CVE-2024-47544) GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read. (CVE-2024-47545) GStreamer has an integer underflow in extract_cc_from_data leading to OOB-read. (CVE-2024-47546) GStreamer has an OOB-read in FOURCC_SMI_ parsing. (CVE-2024-47596) GStreamer has an OOB-read in qtdemux_parse_samples. (CVE-2024-47597) GStreamer has an OOB-read in qtdemux_merge_sample_table. (CVE-2024-47598) GStreamer Insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences. (CVE-2024-47599) GStreamer has an OOB-read in format_channel_mask. (CVE-2024-47600) GStreamer has a NULL-pointer dereference in Matroska/WebM demuxer. (CVE-2024-47601) GStreamer NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer. (CVE-2024-47602) GStreamer NULL-pointer dereference in Matroska/WebM demuxer. (CVE-2024-47603) GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. (CVE-2024-47606) Stack-buffer overflow in gst_opus_dec_parse_header. (CVE-2024-47607) GStreamer has a null pointer dereference in gst_gdk_pixbuf_dec_flush. (CVE-2024-47613) GStreamer has an out-of-bounds write in Ogg demuxer. (CVE-2024-47615) GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk. (CVE-2024-47774) GStreamer has an OOB-read in parse_ds64. (CVE-2024-47775) GStreamer has a OOB-read in gst_wavparse_cue_chunk. (CVE-2024-47776) GStreamer has an OOB-read in gst_wavparse_smpl_chunk. (CVE-2024-47777) GStreamer has an OOB-read in gst_wavparse_adtl_chunk. (CVE-2024-47778) Gstreamer Use-After-Free read in Matroska CodecPrivate. (CVE-2024-47834) Gstreamer NULL-pointer dereference in LRC subtitle parser. (CVE-2024-47835) References
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-47537 , CVE-2024-47538 , CVE-2024-47539 , CVE-2024-47540 , CVE-2024-47541 , CVE-2024-47542 , CVE-2024-47543 , CVE-2024-47544 , CVE-2024-47545 , CVE-2024-47546 , CVE-2024-47596 , CVE-2024-47597 , CVE-2024-47598 , CVE-2024-47599 , CVE-2024-47600 , CVE-2024-47601 , CVE-2024-47602 Description GStreamer has an OOB-write in isomp4/qtdemux.c. (CVE-2024-47537) GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet. (CVE-2024-47538) GStreamer has an OOB-write in convert_to_s334_1a. (CVE-2024-47539) GStreamer uses uninitialized stack memory in Matroska/WebM demuxer. (CVE-2024-47540) GStreamer has an out-of-bounds write in SSA subtitle parser. (CVE-2024-47541) GStreamer ID3v2 parser out-of-bounds read and NULL-pointer dereference. (CVE-2024-47542) GStreamer has an OOB-read in qtdemux_parse_container. (CVE-2024-47543) GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handling. (CVE-2024-47544) GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read. (CVE-2024-47545) GStreamer has an integer underflow in extract_cc_from_data leading to OOB-read. (CVE-2024-47546) GStreamer has an OOB-read in FOURCC_SMI_ parsing. (CVE-2024-47596) GStreamer has an OOB-read in qtdemux_parse_samples. (CVE-2024-47597) GStreamer has an OOB-read in qtdemux_merge_sample_table. (CVE-2024-47598) GStreamer Insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences. (CVE-2024-47599) GStreamer has an OOB-read in format_channel_mask. (CVE-2024-47600) GStreamer has a NULL-pointer dereference in Matroska/WebM demuxer. (CVE-2024-47601) GStreamer NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer. (CVE-2024-47602) GStreamer NULL-pointer dereference in Matroska/WebM demuxer. (CVE-2024-47603) GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. (CVE-2024-47606) Stack-buffer overflow in gst_opus_dec_parse_header. (CVE-2024-47607) GStreamer has a null pointer dereference in gst_gdk_pixbuf_dec_flush. (CVE-2024-47613) GStreamer has an out-of-bounds write in Ogg demuxer. (CVE-2024-47615) GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk. (CVE-2024-47774) GStreamer has an OOB-read in parse_ds64. (CVE-2024-47775) GStreamer has a OOB-read in gst_wavparse_cue_chunk. (CVE-2024-47776) GStreamer has an OOB-read in gst_wavparse_smpl_chunk. (CVE-2024-47777) GStreamer has an OOB-read in gst_wavparse_adtl_chunk. (CVE-2024-47778) Gstreamer Use-After-Free read in Matroska CodecPrivate. (CVE-2024-47834) Gstreamer NULL-pointer dereference in LRC subtitle parser. (CVE-2024-47835) References
- https://bugs.mageia.org/show_bug.cgi?id=33856
- https://www.openwall.com/lists/oss-security/2024/12/13/1
- https://lists.debian.org/debian-security-announce/2024/msg00247.html
- https://lists.debian.org/debian-security-announce/2024/msg00248.html
- https://lists.debian.org/debian-security-announce/2024/msg00254.html
- https://ubuntu.com/security/notices/USN-7174-1
- https://ubuntu.com/security/notices/USN-7174-1
- https://ubuntu.com/security/notices/USN-7176-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47537
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47538
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47539
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47540
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47541
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47542
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47543
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47544
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47545
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47546
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47596
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47597
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47598
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47599
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47600
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47601
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47602
- gstreamer1.0-1.22.11-1.1.mga9
- gstreamer1.0-plugins-base-1.22.11-1.2.mga9
- gstreamer1.0-plugins-good-1.22.11-1.1.mga9
Categorías: Actualizaciones de Seguridad
mesa-24.2.3-1.mga9.tainted.src.rpm
In Mageia/9/x86_64:
Mesa is an OpenGL 4.6 compatible 3D graphics library.
Categorías: RPMs
mesa-24.2.3-1.mga9.tainted.src.rpm
In Mageia/9/aarch64:
Mesa is an OpenGL 4.6 compatible 3D graphics library.
Categorías: RPMs
mesa-24.2.3-1.mga9.tainted.src.rpm
In Mageia/9/armv7hl:
Mesa is an OpenGL 4.6 compatible 3D graphics library.
Categorías: RPMs
mesa-24.2.3-1.mga9.tainted.src.rpm
In Mageia/9/i586:
Mesa is an OpenGL 4.6 compatible 3D graphics library.
Categorías: RPMs
rachota-2.4-0.602hg.1.mga10.src.rpm
In Mageia/cauldron/x86_64:
Rachota is a portable application for timetracking different projects. It runs
everywhere. It displays time data in diagram form, creates customized reports
and invoices or analyses measured data and suggests hints to improve user's
time usage. The totally portable yet personal timetracker.
Categorías: RPMs
rachota-2.4-0.602hg.1.mga10.src.rpm
In Mageia/cauldron/i586:
Rachota is a portable application for timetracking different projects. It runs
everywhere. It displays time data in diagram form, creates customized reports
and invoices or analyses measured data and suggests hints to improve user's
time usage. The totally portable yet personal timetracker.
Categorías: RPMs
ppmtomd-1.6-9.mga10.src.rpm
In Mageia/cauldron/i586:
A program to convert images from PPM format into the control language for the
Alps Micro-Dry printers, at various times sold by Citizen, Alps and Okidata.
This program drives the Alps Micro-Dry series of printers, including the
Citizen Printiva series, Alps MD series, and Oki DP series (but not yet the
DP-7000).
In the current release, the program drives the standard mode fairly well; the
dye sublimation mode very well; and the VPhoto mode reasonably well.
It supports all the colours available up to the DP-5000, including the foil
colours.
Categorías: RPMs
ppmtomd-1.6-9.mga10.src.rpm
In Mageia/cauldron/x86_64:
A program to convert images from PPM format into the control language for the
Alps Micro-Dry printers, at various times sold by Citizen, Alps and Okidata.
This program drives the Alps Micro-Dry series of printers, including the
Citizen Printiva series, Alps MD series, and Oki DP series (but not yet the
DP-7000).
In the current release, the program drives the standard mode fairly well; the
dye sublimation mode very well; and the VPhoto mode reasonably well.
It supports all the colours available up to the DP-5000, including the foil
colours.
Categorías: RPMs
recoverjpeg-2.6.3-4.mga10.src.rpm
In Mageia/cauldron/x86_64:
This tool tries to recover JFIF (JPEG) pictures and MOV movies (using
recovermov) from a peripheral. This may be useful if you mistakenly overwrite
a partition or if a device such as a digital camera memory card is bogus.
Categorías: RPMs
recoverjpeg-2.6.3-4.mga10.src.rpm
In Mageia/cauldron/i586:
This tool tries to recover JFIF (JPEG) pictures and MOV movies (using
recovermov) from a peripheral. This may be useful if you mistakenly overwrite
a partition or if a device such as a digital camera memory card is bogus.
Categorías: RPMs
rdfind-1.6.0-1.mga10.src.rpm
In Mageia/cauldron/x86_64:
Rdfind is a program that finds duplicate files. It is useful for compressing
backup directories or just finding duplicate files. It compares files based on
their content, NOT on their file names.
Categorías: RPMs
rdfind-1.6.0-1.mga10.src.rpm
In Mageia/cauldron/i586:
Rdfind is a program that finds duplicate files. It is useful for compressing
backup directories or just finding duplicate files. It compares files based on
their content, NOT on their file names.
Categorías: RPMs
unifont-16.0.01-1.mga10.src.rpm
In Mageia/cauldron/x86_64:
Unifont is a Unicode font with a glyph for every visible Unicode Basic
Multilingual Plane code point and more, with supporting utilities to
modify the font. This package contains tools and glyph descriptions.
Categorías: RPMs
unifont-16.0.01-1.mga10.src.rpm
In Mageia/cauldron/i586:
Unifont is a Unicode font with a glyph for every visible Unicode Basic
Multilingual Plane code point and more, with supporting utilities to
modify the font. This package contains tools and glyph descriptions.
Categorías: RPMs
rancid-3.13-2.mga10.src.rpm
In Mageia/cauldron/i586:
RANCID monitors a router's (or more generally a device's) configuration,
including software and hardware (cards, serial numbers, etc) and uses CVS
(Concurrent Version System) or Subversion to maintain history of changes.
RANCID does this by the very simple process summarized here:
* login to each device in the router table (router.db),
* run various commands to get the information that will be saved,
* cook the output; re-format, remove oscillating or incrementing data,
* email any differences (sample) from the previous collection to a mail
list,
* and finally commit those changes to the revision control system
RANCID also includes looking glass software. It is based on Ed Kern's looking
glass which was once used for http://nitrous.digex.net/, for the old-school
folks who remember it. Our version has added functions, supports Cisco,
Juniper, and Foundry and uses the login scripts that come with rancid; so it
can use telnet or ssh to connect to your devices(s).
Rancid currently supports Cisco routers, Juniper routers, Catalyst switches,
Foundry switches, Redback NASs, ADC EZT3 muxes, MRTd (and thus likely IRRd),
Alteon switches, and HP Procurve switches and a host of others.
Rancid is known to be used at: AOL, Global Crossing, MFN, NTT America,
Certainty Solutions Inc.
Categorías: RPMs
rancid-3.13-2.mga10.src.rpm
In Mageia/cauldron/x86_64:
RANCID monitors a router's (or more generally a device's) configuration,
including software and hardware (cards, serial numbers, etc) and uses CVS
(Concurrent Version System) or Subversion to maintain history of changes.
RANCID does this by the very simple process summarized here:
* login to each device in the router table (router.db),
* run various commands to get the information that will be saved,
* cook the output; re-format, remove oscillating or incrementing data,
* email any differences (sample) from the previous collection to a mail
list,
* and finally commit those changes to the revision control system
RANCID also includes looking glass software. It is based on Ed Kern's looking
glass which was once used for http://nitrous.digex.net/, for the old-school
folks who remember it. Our version has added functions, supports Cisco,
Juniper, and Foundry and uses the login scripts that come with rancid; so it
can use telnet or ssh to connect to your devices(s).
Rancid currently supports Cisco routers, Juniper routers, Catalyst switches,
Foundry switches, Redback NASs, ADC EZT3 muxes, MRTd (and thus likely IRRd),
Alteon switches, and HP Procurve switches and a host of others.
Rancid is known to be used at: AOL, Global Crossing, MFN, NTT America,
Certainty Solutions Inc.
Categorías: RPMs
redis-7.4.0-1.mga10.src.rpm
In Mageia/cauldron/x86_64:
Redis is an advanced key-value store. It is often referred to as a data
structure server since keys can contain strings, hashes, lists, sets and
sorted sets.
You can run atomic operations on these types, like appending to a string;
incrementing the value in a hash; pushing to a list; computing set
intersection, union and difference; or getting the member with highest
ranking in a sorted set.
In order to achieve its outstanding performance, Redis works with an
in-memory dataset. Depending on your use case, you can persist it either
by dumping the dataset to disk every once in a while, or by appending
each command to a log.
Redis also supports trivial-to-setup master-slave replication, with very
fast non-blocking first synchronization, auto-reconnection on net split
and so forth.
Other features include Transactions, Pub/Sub, Lua scripting, Keys with a
limited time-to-live, and configuration settings to make Redis behave like
a cache.
You can use Redis from most programming languages also.
Categorías: RPMs
