You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa libid3tag

Sigurnosni nedostaci programskog paketa libid3tag

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2018-04-09 19:08:06.183394

Name : libid3tag
Product : Fedora 27
Version : 0.15.1b
Release : 26.fc27
Summary : ID3 tag manipulation library
Description :
libid3tag is a library for reading and (eventually) writing ID3 tags,
both ID3v1 and the various versions of ID3v2.

Update Information:

Security fix for CVE-2004-2779 and CVE-2017-11550

[ 1 ] Bug #1478934 – CVE-2017-11550 libid3tag: NULL Pointer Dereference in id3_ucs4_length function in ucs4.c
[ 2 ] Bug #1561983 – CVE-2004-2779 libid3tag: id3_utf16_deserialize() misparses ID3v2 tags with an odd number of bytes resulting in an endless loop

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade libid3tag’ at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to

AutorPetar Bertok
Cert idNCERT-REF-2018-04-0001-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa compat

Otkriveni su sigurnosni nedostaci u programskom paketu compat za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju prekoračenje memorijskog spremnika...