Fedora has issued an advisory on September 14: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GRQUHTSNOCKGRKPRXPUJ6FGTVZ2K5POL/ Mageia 7 is also affected.
Whiteboard: (none) => MGA7TOO
Done for both Cauldron and mga7!
CC: (none) => geiger.david68210
Advisory: ======================== Updated libextractor packages fix security vulnerability: GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c (CVE-2019-15531). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15531 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GRQUHTSNOCKGRKPRXPUJ6FGTVZ2K5POL/ ======================== Updated packages in core/updates_testing: ======================== extract-1.9-2.1.mga7 libextractor-common-1.9-2.1.mga7 libextractor3-1.9-2.1.mga7 libextractor_common1-1.9-2.1.mga7 libextractor-devel-1.9-2.1.mga7 from libextractor-1.9-2.1.mga7.src.rpm
Assignee: bugsquad => qa-bugsWhiteboard: MGA7TOO => (none)Version: Cauldron => 7
MGA7-64 Plasma on Lenovo B50 No installation issues From MCC: libextractor is a library used to extract meta-data from files of arbitrary type. So did some abritrary things. $ extract P7212390.ORF Trefwoorden voor bestand P7212390.ORF: MIME-type - image/x-olympus-orf $ extract RAW_NIKON_E5700_SRGB.NEF Trefwoorden voor bestand RAW_NIKON_E5700_SRGB.NEF: copyright-houder - MIME-type - image/tiff aanmaakdatum - 2004:10:30 09:36:23 omschrijving - cameramerk - NIKON cameramodel - E5700 door software gemaakt - Nikon Browser 6.2.1 W afbeeldingsafmetingen - 120x160 MIME-type - image/tiff MIME-type - image/tiff onbekend - endianness=1234 video-afmetingen - 120x160 video-diepte - 32 pixelzijdenverhouding - 1/1 $ extract VerslagGB20160129.odt Trefwoorden voor bestand VerslagGB20160129.odt: MIME-type - application/vnd.oasis.opendocument.text ingebedde bestandsnaam - mimetype ingebedde bestandsnaam - Thumbnails/thumbnail.png ingebedde bestandsnaam - layout-cache ingebedde bestandsnaam - content.xml ingebedde bestandsnaam - settings.xml ingebedde bestandsnaam - meta.xml ingebedde bestandsnaam - styles.xml ingebedde bestandsnaam - manifest.rdf ingebedde bestandsnaam - Configurations2/images/Bitmaps/ ingebedde bestandsnaam - Configurations2/toolpanel/ ingebedde bestandsnaam - Configurations2/progressbar/ ingebedde bestandsnaam - Configurations2/accelerator/current.xml ingebedde bestandsnaam - Configurations2/floater/ ingebedde bestandsnaam - Configurations2/statusbar/ ingebedde bestandsnaam - Configurations2/toolbar/ ingebedde bestandsnaam - Configurations2/popupmenu/ ingebedde bestandsnaam - Configurations2/menubar/ ingebedde bestandsnaam - META-INF/manifest.xml indeling - ZIP 2.0 (uncompressed) MIME-type - application/vnd.oasis.opendocument.text door software gemaakt - LibreOffice/4.4.7.2$Linux_X86_64 LibreOffice_project/40$Build-2 aantal bladzijden - 3 aanmaakdatum - 2016-02-01T10:21:30.685240352 onbekende datum - 2016-02-01T11:21:50.465500816 $ extract vrijwilligersmap.pdf Trefwoorden voor bestand vrijwilligersmap.pdf: MIME-type - application/pdf maker - Adobe InDesign CS5.5 (7.5.2) door software geproduceerd - Adobe PDF Library 9.9 aanmaakdatum - Fri May 3 12:55:29 2019 CEST wijzigingsdatum - Fri May 3 12:55:50 2019 CEST aantal bladzijden - 106 encoder-versie - 1.5 All look good.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA7-64-OK
Herman, you are amazing. I looked at the same information you did, but never thought to just try extracting metadata from whatever was handy. Validating. Advisory in Comment 2.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
CC: (none) => tmbKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0015.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED