You are here
Home > Preporuke > Sigurnosni nedostaci programske biblioteke leptonica

Sigurnosni nedostaci programske biblioteke leptonica

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2018-c6e8b5f529
2018-05-16 13:05:35.606754
——————————————————————————–

Name : leptonica
Product : Fedora 28
Version : 1.76.0
Release : 1.fc28
URL : https://github.com/danbloomberg/leptonica
Summary : C library for efficient image processing and image analysis operations
Description :
The library supports many operations that are useful on
* Document images
* Natural images

Fundamental image processing and image analysis operations
* Rasterop (aka bitblt)
* Affine transforms (scaling, translation, rotation, shear)
on images of arbitrary pixel depth
* Projective and bi-linear transforms
* Binary and gray scale morphology, rank order filters, and
convolution
* Seed-fill and connected components
* Image transformations with changes in pixel depth, both at
the same scale and with scale change
* Pixelwise masking, blending, enhancement, arithmetic ops,
etc.

——————————————————————————–
Update Information:

Update to leptonica-1.76.0, see http://www.leptonica.com/source/version-
notes.html for details.
——————————————————————————–
ChangeLog:

* Thu May 3 2018 Sandro Mani <manisandro@gmail.com> – 1.76.0-1
– Update to 1.76.0
——————————————————————————–
References:

[ 1 ] Bug #1549735 – CVE-2018-7442 leptonica: directory traversal in gplot rootname argument [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1549735
[ 2 ] Bug #1549729 – CVE-2018-7440 leptonica: gplotMakeOutput command injection (CVE-2018-3836 incomplete fix) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1549729
[ 3 ] Bug #1574269 – leptonica-1.76.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574269
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-c6e8b5f529’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

AutorDanijel Kozinovic
Cert idNCERT-REF-2018-05-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top