Fedora 41 Update: thunderbird-128.6.0-1.fc41
Fedora 41 Update: libxmp-4.6.1-2.fc41
Fedora 40 Update: libxmp-4.6.1-2.fc40
[SECURITY] Fedora 41 Update: thunderbird-128.6.0-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-2f5b9ab47b
2025-01-11 01:41:36.266556+00:00
--------------------------------------------------------------------------------
Name : thunderbird
Product : Fedora 41
Version : 128.6.0
Release : 1.fc41
URL : http://www.mozilla.org/projects/thunderbird/
Summary : Mozilla Thunderbird mail/newsgroup client
Description :
Mozilla Thunderbird is a standalone mail and newsgroup client.
--------------------------------------------------------------------------------
Update Information:
Update to 128.6.0
https://www.thunderbird.net/en-US/thunderbird/128.6.0esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-04/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 8 2025 Eike Rathke [erack@redhat.com] - 128.6.0-1
- Update to 128.6.0
* Thu Dec 19 2024 Daniel Rusek [mail@asciiwolf.com] - 128.5.2-2
- Use upstream rDNS naming scheme for desktop and appdata files
Resolves: rhbz#2210038
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-2f5b9ab47b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: libxmp-4.6.1-2.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-23e4aeeb91
2025-01-11 01:41:36.266471+00:00
--------------------------------------------------------------------------------
Name : libxmp
Product : Fedora 41
Version : 4.6.1
Release : 2.fc41
URL : http://xmp.sourceforge.net/
Summary : A multi-format module playback library
Description :
Libxmp is a library that renders module files to PCM data. It supports
over 90 mainstream and obscure module formats including Protracker (MOD),
Scream Tracker 3 (S3M), Fast Tracker II (XM), and Impulse Tracker (IT).
Many compressed module formats are supported, including popular Unix, DOS,
and Amiga file packers including gzip, bzip2, SQSH, Powerpack, etc.
--------------------------------------------------------------------------------
Update Information:
Latest upstream release. Changelog:
Fixes:
CVE-2023-45679: Attempt to free an uninitialized memory pointer in
vorbis_deinit()
CVE-2023-45680: Null pointer dereference in vorbis_deinit()
CVE-2023-45681: Out of bounds heap buffer write
CVE-2023-45676: Multi-byte write heap buffer overflow in start_decoder()
CVE-2023-45677: Heap buffer out of bounds write in start_decoder()
CVE-2023-45682: Wild address read in vorbis_decode_packet_rest()
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 2 2025 Dominik Mierzejewski [dominik@greysector.net] - 4.6.1-1
- update to 4.6.1 (rhbz#2335113)
- enumerate source licenses and correct License tag
* Mon Sep 2 2024 Miroslav Suchý [msuchy@redhat.com] - 4.6.0-6
- convert license to SPDX
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2335113 - libxmp-4.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2335113
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-23e4aeeb91' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 40 Update: libxmp-4.6.1-2.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-c58133e520
2025-01-11 01:25:07.399140+00:00
--------------------------------------------------------------------------------
Name : libxmp
Product : Fedora 40
Version : 4.6.1
Release : 2.fc40
URL : http://xmp.sourceforge.net/
Summary : A multi-format module playback library
Description :
Libxmp is a library that renders module files to PCM data. It supports
over 90 mainstream and obscure module formats including Protracker (MOD),
Scream Tracker 3 (S3M), Fast Tracker II (XM), and Impulse Tracker (IT).
Many compressed module formats are supported, including popular Unix, DOS,
and Amiga file packers including gzip, bzip2, SQSH, Powerpack, etc.
--------------------------------------------------------------------------------
Update Information:
Latest upstream release. Changelog:
Fixes:
CVE-2023-45679: Attempt to free an uninitialized memory pointer in
vorbis_deinit()
CVE-2023-45680: Null pointer dereference in vorbis_deinit()
CVE-2023-45681: Out of bounds heap buffer write
CVE-2023-45676: Multi-byte write heap buffer overflow in start_decoder()
CVE-2023-45677: Heap buffer out of bounds write in start_decoder()
CVE-2023-45682: Wild address read in vorbis_decode_packet_rest()
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 2 2025 Dominik Mierzejewski [dominik@greysector.net] - 4.6.1-1
- update to 4.6.1 (rhbz#2335113)
- enumerate source licenses and correct License tag
* Mon Sep 2 2024 Miroslav Suchý [msuchy@redhat.com] - 4.6.0-6
- convert license to SPDX
* Thu Jul 18 2024 Fedora Release Engineering [releng@fedoraproject.org] - 4.6.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2335113 - libxmp-4.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2335113
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-c58133e520' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
