You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa libcdio

Sigurnosni nedostaci programskog paketa libcdio

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2018-03-06 17:17:51.858493

Name : libcdio
Product : Fedora 27
Version : 0.94
Release : 5.fc27
Summary : CD-ROM input and control library
Description :
This library provides an interface for CD-ROM access. It can be used
by applications that need OS- and device-independent access to CD-ROM

Update Information:

Added patch to fix: CVE-2017-18198 (#1549644) Added patch to fix: CVE-2017-18199
(#1549701) Added patches to fix: CVE-2017-18201 (#1549707)

[ 1 ] Bug #1549644 – CVE-2017-18198 libcdio: Heap-based buffer over-read in print_iso9660_recurse function in iso-info.c
[ 2 ] Bug #1549701 – CVE-2017-18199 libcdio: Null pointer dereference in realloc_symlink in rock.c
[ 3 ] Bug #1549707 – CVE-2017-18201 libcdio: Double free in get_cdtext_generic() in lib/driver/_cdio_generic.c

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade libcdio’ at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to

AutorPetar Bertok
Cert idNCERT-REF-2018-03-0001-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa xen

Otkriveni su sigurnosni nedostaci u programskom paketu xen za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja...