You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa leptonica

Sigurnosni nedostatak programskog paketa leptonica

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2018-78570112db
2018-03-13 17:14:38.070394
——————————————————————————–

Name : leptonica
Product : Fedora 26
Version : 1.74.4
Release : 5.fc26
URL : https://github.com/danbloomberg/leptonica
Summary : C library for efficient image processing and image analysis operations
Description :
The library supports many operations that are useful on
* Document images
* Natural images

Fundamental image processing and image analysis operations
* Rasterop (aka bitblt)
* Affine transforms (scaling, translation, rotation, shear)
on images of arbitrary pixel depth
* Projective and bi-linear transforms
* Binary and gray scale morphology, rank order filters, and
convolution
* Seed-fill and connected components
* Image transformations with changes in pixel depth, both at
the same scale and with scale change
* Pixelwise masking, blending, enhancement, arithmetic ops,
etc.

——————————————————————————–
Update Information:

This update fixes CVE-2017-18196. —- This update backports security fixes
for CVE-2018-3836, CVE-2018-7186 and CVE-2018-7247.
——————————————————————————–
References:

[ 1 ] Bug #1549410 – CVE-2017-18196 leptonica: Mishandled pathnames in /tmp subdirectories can allow users to bypass intended file restrictions
https://bugzilla.redhat.com/show_bug.cgi?id=1549410
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade leptonica’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2018-cbf621a53c
2018-03-13 23:10:46.408928
——————————————————————————–

Name : leptonica
Product : Fedora 27
Version : 1.74.4
Release : 5.fc27
URL : https://github.com/danbloomberg/leptonica
Summary : C library for efficient image processing and image analysis operations
Description :
The library supports many operations that are useful on
* Document images
* Natural images

Fundamental image processing and image analysis operations
* Rasterop (aka bitblt)
* Affine transforms (scaling, translation, rotation, shear)
on images of arbitrary pixel depth
* Projective and bi-linear transforms
* Binary and gray scale morphology, rank order filters, and
convolution
* Seed-fill and connected components
* Image transformations with changes in pixel depth, both at
the same scale and with scale change
* Pixelwise masking, blending, enhancement, arithmetic ops,
etc.

——————————————————————————–
Update Information:

This update fixes CVE-2017-18196. —- This update backports security fixes
for CVE-2018-3836, CVE-2018-7186 and CVE-2018-7247.
——————————————————————————–
References:

[ 1 ] Bug #1549410 – CVE-2017-18196 leptonica: Mishandled pathnames in /tmp subdirectories can allow users to bypass intended file restrictions
https://bugzilla.redhat.com/show_bug.cgi?id=1549410
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade leptonica’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

AutorVlatka Misic
Cert idNCERT-REF-2018-03-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa freetype

Otkriven je sigurnosni nedostatak u programskom paketu freetype za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja....

Close