SECURITY: Fedora 32 Update: abcm2ps-8.14.7-2.fc32
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-a820f2b735
2020-05-21 02:51:59.947815
--------------------------------------------------------------------------------
Name : abcm2ps
Product : Fedora 32
Version : 8.14.7
Release : 2.fc32
URL : http://moinejf.free.fr
Summary : A program to typeset ABC tunes into Postscript
Description :
Abcm2ps is a package which converts music tunes from ABC format to
Postscript. Based on abc2ps version 1.2.5, it was developed mainly to
print Baroque organ scores which have independent voices played on one
or many keyboards and a pedal-board. Abcm2ps introduces many
extensions to the ABC language that make it suitable for classical
music.
--------------------------------------------------------------------------------
Update Information:
New upstream release with fixes for CVEs and other enhancements.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 12 2020 Stuart Gathman - 8.14.7-2
- Move sample ABC output to subpackage
* Tue May 12 2020 Stuart Gathman - 8.14.7-1
- New upstream release
* Wed Apr 29 2020 Filipe Rosset - 7.8.14-11
- Fix FTBFS
* Tue Jan 28 2020 Fedora Release Engineering - 7.8.14-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1063718 - abcm2ps-8.14.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1063718
[ 2 ] Bug #1576118 - CVE-2018-10753 abcm2ps: stack based buffer overflow in the delayed_output function in music.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1576118
[ 3 ] Bug #1576641 - CVE-2018-10771 abcm2ps: Stack-based buffer overflow in parse.c:get_key() allows for denial of service [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1576641
[ 4 ] Bug #1799137 - abcm2ps: FTBFS in Fedora rawhide/f32
https://bugzilla.redhat.com/show_bug.cgi?id=1799137
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-a820f2b735' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
An abcm2ps security update has been released for Fedora 32.