Fedora Linux 8811 Published by

An abcm2ps security update has been released for Fedora 30.



SECURITY: Fedora 30 Update: abcm2ps-8.14.7-2.fc30


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-eb7a965fcf
2020-05-21 03:07:56.683407
--------------------------------------------------------------------------------

Name : abcm2ps
Product : Fedora 30
Version : 8.14.7
Release : 2.fc30
URL :   http://moinejf.free.fr
Summary : A program to typeset ABC tunes into Postscript
Description :
Abcm2ps is a package which converts music tunes from ABC format to
Postscript. Based on abc2ps version 1.2.5, it was developed mainly to
print Baroque organ scores which have independent voices played on one
or many keyboards and a pedal-board. Abcm2ps introduces many
extensions to the ABC language that make it suitable for classical
music.

--------------------------------------------------------------------------------
Update Information:

New upstream release with fixes for CVEs and other enhancements.
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 12 2020 Stuart Gathman - 8.14.7-2
- Move sample ABC output to subpackage
* Tue May 12 2020 Stuart Gathman - 8.14.7-1
- New upstream release
* Wed Apr 29 2020 Filipe Rosset - 7.8.14-11
- Fix FTBFS
* Tue Jan 28 2020 Fedora Release Engineering - 7.8.14-10
- Rebuilt for   https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Wed Jul 24 2019 Fedora Release Engineering - 7.8.14-9
- Rebuilt for   https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1063718 - abcm2ps-8.14.7 is available
  https://bugzilla.redhat.com/show_bug.cgi?id=1063718
[ 2 ] Bug #1576118 - CVE-2018-10753 abcm2ps: stack based buffer overflow in the delayed_output function in music.c [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=1576118
[ 3 ] Bug #1576641 - CVE-2018-10771 abcm2ps: Stack-based buffer overflow in parse.c:get_key() allows for denial of service [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=1576641
[ 4 ] Bug #1799137 - abcm2ps: FTBFS in Fedora rawhide/f32
  https://bugzilla.redhat.com/show_bug.cgi?id=1799137
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-eb7a965fcf' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys