From Mageia wiki
Jump to: navigation, search

MGASA-2012-0116

Date: June 19th, 2012
Affected releases: 1, 2


Description:
Updated taglib packages fix security vulnerabilities:

taglib before 1.7.2 allows remote attackers to cause a denial of
service (divide-by-zero error and application crash) via a crafted
MP4 file (CVE-2012-2396).


Updated Packages:
Mageia 1:
lib(64)taglib1-1.6.3-2.2.mga1
lib(64)taglib_c0-1.6.3-2.2.mga1
lib(64)taglib-devel-1.6.3-2.2.mga1
Mageia 2:
lib(64)taglib1-1.7.2-1.mga2
lib(64)taglib_c0-1.7.2-1.mga2
lib(64)taglib-devel-1.7.2-1.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2396
http://lists.opensuse.org/opensuse-updates/2012-05/msg00017.html
https://bugs.mageia.org/show_bug.cgi?id=5905

Retrieved from "https://wiki.mageia.org/mw-en/index.php?title=Support/Advisories/MGASA-2012-0116&oldid=8084"