Lector de Feeds

Canais_de_IRC_do_Mageia_na_Liberachat-pt-BR

← Older revision Revision as of 12:42, 7 February 2025 Line 59: Line 59:  *[[Como_criar_uma_página_wiki-pt-BR|Como escrever uma página wiki]] *[[Como_criar_uma_página_wiki-pt-BR|Como escrever uma página wiki]]  *[[Robôs_do_IRC-pt-BR|Robôs do IRC]] *[[Robôs_do_IRC-pt-BR|Robôs do IRC]] −*[[Mageia IRC Channels Liberachat|Canais de IRC do Mageia na Liberachat]]+*[[Canais_de_IRC_do_Mageia_na_Liberachat-pt-BR|Canais de IRC do Mageia na Liberachat]]  *[[Mageia.org user account|Conta de usuário do Mageia.org]] *[[Mageia.org user account|Conta de usuário do Mageia.org]]  *[[Mailing lists|Lista de discussão]] *[[Mailing lists|Lista de discussão]] Xgrind

Publication date: 06 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-47537 , CVE-2024-47538 , CVE-2024-47539 , CVE-2024-47540 , CVE-2024-47541 , CVE-2024-47542 , CVE-2024-47543 , CVE-2024-47544 , CVE-2024-47545 , CVE-2024-47546 , CVE-2024-47596 , CVE-2024-47597 , CVE-2024-47598 , CVE-2024-47599 , CVE-2024-47600 , CVE-2024-47601 , CVE-2024-47602 Description GStreamer has an OOB-write in isomp4/qtdemux.c. (CVE-2024-47537) GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet. (CVE-2024-47538) GStreamer has an OOB-write in convert_to_s334_1a. (CVE-2024-47539) GStreamer uses uninitialized stack memory in Matroska/WebM demuxer. (CVE-2024-47540) GStreamer has an out-of-bounds write in SSA subtitle parser. (CVE-2024-47541) GStreamer ID3v2 parser out-of-bounds read and NULL-pointer dereference. (CVE-2024-47542) GStreamer has an OOB-read in qtdemux_parse_container. (CVE-2024-47543) GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handling. (CVE-2024-47544) GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read. (CVE-2024-47545) GStreamer has an integer underflow in extract_cc_from_data leading to OOB-read. (CVE-2024-47546) GStreamer has an OOB-read in FOURCC_SMI_ parsing. (CVE-2024-47596) GStreamer has an OOB-read in qtdemux_parse_samples. (CVE-2024-47597) GStreamer has an OOB-read in qtdemux_merge_sample_table. (CVE-2024-47598) GStreamer Insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences. (CVE-2024-47599) GStreamer has an OOB-read in format_channel_mask. (CVE-2024-47600) GStreamer has a NULL-pointer dereference in Matroska/WebM demuxer. (CVE-2024-47601) GStreamer NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer. (CVE-2024-47602) GStreamer NULL-pointer dereference in Matroska/WebM demuxer. (CVE-2024-47603) GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. (CVE-2024-47606) Stack-buffer overflow in gst_opus_dec_parse_header. (CVE-2024-47607) GStreamer has a null pointer dereference in gst_gdk_pixbuf_dec_flush. (CVE-2024-47613) GStreamer has an out-of-bounds write in Ogg demuxer. (CVE-2024-47615) GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk. (CVE-2024-47774) GStreamer has an OOB-read in parse_ds64. (CVE-2024-47775) GStreamer has a OOB-read in gst_wavparse_cue_chunk. (CVE-2024-47776) GStreamer has an OOB-read in gst_wavparse_smpl_chunk. (CVE-2024-47777) GStreamer has an OOB-read in gst_wavparse_adtl_chunk. (CVE-2024-47778) Gstreamer Use-After-Free read in Matroska CodecPrivate. (CVE-2024-47834) Gstreamer NULL-pointer dereference in LRC subtitle parser. (CVE-2024-47835) References

• https://bugs.mageia.org/show_bug.cgi?id=33856
• https://www.openwall.com/lists/oss-security/2024/12/13/1
• https://lists.debian.org/debian-security-announce/2024/msg00247.html
• https://lists.debian.org/debian-security-announce/2024/msg00248.html
• https://lists.debian.org/debian-security-announce/2024/msg00254.html
• https://ubuntu.com/security/notices/USN-7174-1
• https://ubuntu.com/security/notices/USN-7174-1
• https://ubuntu.com/security/notices/USN-7176-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47537
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47538
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47539
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47540
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47541
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47542
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47543
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47544
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47545
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47546
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47596
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47597
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47598
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47599
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47600
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47601
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47602

SRPMS 9/core

• gstreamer1.0-1.22.11-1.1.mga9
• gstreamer1.0-plugins-base-1.22.11-1.2.mga9
• gstreamer1.0-plugins-good-1.22.11-1.1.mga9

In Mageia/9/x86_64: Mesa is an OpenGL 4.6 compatible 3D graphics library.

In Mageia/9/aarch64: Mesa is an OpenGL 4.6 compatible 3D graphics library.

In Mageia/9/armv7hl: Mesa is an OpenGL 4.6 compatible 3D graphics library.

In Mageia/9/i586: Mesa is an OpenGL 4.6 compatible 3D graphics library.

In Mageia/cauldron/x86_64: Rachota is a portable application for timetracking different projects. It runs everywhere. It displays time data in diagram form, creates customized reports and invoices or analyses measured data and suggests hints to improve user's time usage. The totally portable yet personal timetracker.

In Mageia/cauldron/i586: Rachota is a portable application for timetracking different projects. It runs everywhere. It displays time data in diagram form, creates customized reports and invoices or analyses measured data and suggests hints to improve user's time usage. The totally portable yet personal timetracker.

In Mageia/cauldron/i586: A program to convert images from PPM format into the control language for the Alps Micro-Dry printers, at various times sold by Citizen, Alps and Okidata. This program drives the Alps Micro-Dry series of printers, including the Citizen Printiva series, Alps MD series, and Oki DP series (but not yet the DP-7000). In the current release, the program drives the standard mode fairly well; the dye sublimation mode very well; and the VPhoto mode reasonably well. It supports all the colours available up to the DP-5000, including the foil colours.

In Mageia/cauldron/x86_64: A program to convert images from PPM format into the control language for the Alps Micro-Dry printers, at various times sold by Citizen, Alps and Okidata. This program drives the Alps Micro-Dry series of printers, including the Citizen Printiva series, Alps MD series, and Oki DP series (but not yet the DP-7000). In the current release, the program drives the standard mode fairly well; the dye sublimation mode very well; and the VPhoto mode reasonably well. It supports all the colours available up to the DP-5000, including the foil colours.

In Mageia/cauldron/x86_64: This tool tries to recover JFIF (JPEG) pictures and MOV movies (using recovermov) from a peripheral. This may be useful if you mistakenly overwrite a partition or if a device such as a digital camera memory card is bogus.

In Mageia/cauldron/i586: This tool tries to recover JFIF (JPEG) pictures and MOV movies (using recovermov) from a peripheral. This may be useful if you mistakenly overwrite a partition or if a device such as a digital camera memory card is bogus.

In Mageia/cauldron/x86_64: Rdfind is a program that finds duplicate files. It is useful for compressing backup directories or just finding duplicate files. It compares files based on their content, NOT on their file names.

In Mageia/cauldron/i586: Rdfind is a program that finds duplicate files. It is useful for compressing backup directories or just finding duplicate files. It compares files based on their content, NOT on their file names.

In Mageia/cauldron/x86_64: Unifont is a Unicode font with a glyph for every visible Unicode Basic Multilingual Plane code point and more, with supporting utilities to modify the font. This package contains tools and glyph descriptions.

In Mageia/cauldron/i586: Unifont is a Unicode font with a glyph for every visible Unicode Basic Multilingual Plane code point and more, with supporting utilities to modify the font. This package contains tools and glyph descriptions.

In Mageia/cauldron/i586: RANCID monitors a router's (or more generally a device's) configuration, including software and hardware (cards, serial numbers, etc) and uses CVS (Concurrent Version System) or Subversion to maintain history of changes. RANCID does this by the very simple process summarized here: * login to each device in the router table (router.db), * run various commands to get the information that will be saved, * cook the output; re-format, remove oscillating or incrementing data, * email any differences (sample) from the previous collection to a mail list, * and finally commit those changes to the revision control system RANCID also includes looking glass software. It is based on Ed Kern's looking glass which was once used for http://nitrous.digex.net/, for the old-school folks who remember it. Our version has added functions, supports Cisco, Juniper, and Foundry and uses the login scripts that come with rancid; so it can use telnet or ssh to connect to your devices(s). Rancid currently supports Cisco routers, Juniper routers, Catalyst switches, Foundry switches, Redback NASs, ADC EZT3 muxes, MRTd (and thus likely IRRd), Alteon switches, and HP Procurve switches and a host of others. Rancid is known to be used at: AOL, Global Crossing, MFN, NTT America, Certainty Solutions Inc.

In Mageia/cauldron/x86_64: RANCID monitors a router's (or more generally a device's) configuration, including software and hardware (cards, serial numbers, etc) and uses CVS (Concurrent Version System) or Subversion to maintain history of changes. RANCID does this by the very simple process summarized here: * login to each device in the router table (router.db), * run various commands to get the information that will be saved, * cook the output; re-format, remove oscillating or incrementing data, * email any differences (sample) from the previous collection to a mail list, * and finally commit those changes to the revision control system RANCID also includes looking glass software. It is based on Ed Kern's looking glass which was once used for http://nitrous.digex.net/, for the old-school folks who remember it. Our version has added functions, supports Cisco, Juniper, and Foundry and uses the login scripts that come with rancid; so it can use telnet or ssh to connect to your devices(s). Rancid currently supports Cisco routers, Juniper routers, Catalyst switches, Foundry switches, Redback NASs, ADC EZT3 muxes, MRTd (and thus likely IRRd), Alteon switches, and HP Procurve switches and a host of others. Rancid is known to be used at: AOL, Global Crossing, MFN, NTT America, Certainty Solutions Inc.

In Mageia/cauldron/x86_64: Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Redis works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Redis also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Redis behave like a cache. You can use Redis from most programming languages also.