--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-8f27031c8f
2017-09-19 02:41:35.415951
--------------------------------------------------------------------------------
Name : ripright
Product : Fedora 26
Version : 0.11
Release : 5.fc26
URL :
http://www.mcternan.me.uk/ripright/
Summary : Minimal CD to FLAC ripper
Description :
RipRight is a minimal CD ripper modeled on autorip. It can run as a daemon and
will automatically start ripping any CD found in the drive after which the
disc will be ejected. Ripping is always to FLAC lossless audio format with
tags taken from the community-maintained MusicBrainz lookup service and cover
art from Amazon where possible. If a disc is unknown to MusicBrainz, the CD
will be ejected without ripping and can also be optionally rejected if cover
art cannot be found.
With RipRight, ripping a CD collection is just a matter of feeding your Linux
PC each CD in turn and waiting while they are ripped. CDs which are
immediately ejected can be checked with the MusicBrainz Picard tool which
allows CD identifiers to be uploaded to the website database. Any errors or
inaccuracies in the database records can also be edited on the MusicBrainz.
--------------------------------------------------------------------------------
Update Information:
Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch
ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages
are mostly straight rebuilds, a couple also include bugfix version updates.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c
can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471837
[ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long
function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1471122
[ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function
when processing TGA or VST file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1470670
[ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352
ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1465064
[ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144
ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1455602
[ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE
decoder [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1453125
[ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1413898
[ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when
deflating TIFF files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408404
[ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage
function in coders\pwp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483575
[ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1299275
[ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various
flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483132
[ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643
CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665
CVE-2017-12666 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1483117
[ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430
CVE-2017-12432 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482655
[ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and
format8BIM functions in coders/meta.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482626
[ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1350462
[ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361494
[ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959
CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516
CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick:
various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1378790
[ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing
crafted tiff file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1361578
[ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in
ReadDCMImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477566
[ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752
CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477070
[ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage()
coders/mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475486
[ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the
WriteCIPImage() function in coders/cip.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475471
[ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in
WritePTIFImage() in coders/tiff.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475464
[ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function
in coders/txt.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474846
[ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1474420
[ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage
function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473848
[ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage
function in coders\dpx.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473825
[ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized
memory in ReadJPEGImage function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473802
[ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage
function in coders/screenshot.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473799
[ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob
sizes of stdin image input [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473797
[ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of
service in coders/jpeg.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473775
[ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage
function in coders\mat.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473758
[ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the
GetNextToken function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473719
[ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1410515
[ 35 ] Bug #1479313 - synfigstudio doesn't start
https://bugzilla.redhat.com/show_bug.cgi?id=1479313
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade ripright' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------