FEDORA-EPEL-2024-9d9625a171
Packages in this update:
libopenmpt-0.7.8-1.el8
Update description:
libopenmpt 0.7.8 (2024-06-09)
[Sec] Potential heap out-of-bounds read with malformed Dynamic Studio DSm files (r20912).
MED: Additional command pages can now be read.
MED: Echo DSP is now emulated.
AMS: Default channel panning was broken, using all-center panning instead of MOD-style panning.
STP: Correctly import volume slides where both nibbles are set.
MDL: Pitch slide depth was wrong since libopenmpt 0.6.0.
DTM: Fix pitch slide depth for samples with finetune.
DSm: Don’t import as Amiga module (and thus allow Amiga resampler to be enabled), as this PC format can easily exceed the Amiga frequency range.
DSm: Only the first 48 samples were ever read.
STM / STX: Don’t set channel panning. ScreamTracker 2 only outputs mono sound.
PSM: File header probing was stricter than actual file loader, rejecting manipulated files that would otherwise load fine.
libopenmpt 0.7.7 (2024-05-12)
[Bug] examples/libopenmpt_example_c_pipe.c and libopenmpt/bindings/freebasic/libopenmpt_ext.bi were missing from the Autotools package.
[New] New Makefile CONFIG=mingw-w64 option WINDOWS_CRT=[crtdll,msvcrt,ucrt] to select the toolchain CRT library.
[Change] build/download_externals.sh now verifies the integrity of any downloaded files and uses curl instead of wget.
[Regression] Optimization level when compiling with GCC 14 has been forced down to -O1 due to the severe miscompilation GCC 14 has shown on MinGW-w64 amd64 (see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115049).
IT: Disable a few more compatibility flags for older SchismTracker builds.
IT: Halve the output volume of files saved with ChibiTracker, as its mixer is about half as loud as ours.
S3M: In mono mode, the ratio between sample and OPL volume was incorrect.
S3M: Detect files saved with PlayerPRO.
XM: Detect files saved with PlayerPRO. Improved detection of files saved with ModPlug Tracker.
XM: Files with impossibly small pattern headers are now rejected, like FastTracker 2 does.
STK: Loosen SoundTracker file rejection heuristics a bit to allow loading of files with malformed song titles and overly long samples. Other heuristics has been tightened a bit.
MOD: Change VBlank timing heuristic to always assume CIA timing when long samples unsupported by original ProTracker) are found.
MOD: Disable NoiseTracker quirks if empty sample slots have a default volume other than 0.
MOD: 7-bit panning detection may have returned incorrect results for MODs with a channel count other than 4.
MED: Improve handling of default tempo, panning and channel volume in files containing more than one song.
MO3: Reduced maximum allowed music data (not samples) size from 2 GiB to 512 MiB.
XMF: Header validation is now stricter.
MDL: Slightly more accurate import of pattern command 9 (enabling envelopes instead of setting envelope position).
ULT: Support the highest three octaves.
OPL emulation could produce clicks when using a mix rate higher than 65536 Hz.
xmp-openmpt: Subsongs whose length could not be calculate no longer show a duration of -12:-55.
mpg123: Update to v1.32.6 (2024-04-04).
More Stories
helix-24.07-2.fc42 rust-cargo-0.79.0-4.fc42 rust-cargo-deny-0.14.24-3.fc42 rust-dua-cli-2.29.2-1.fc42 rust-gix-0.66.0-1.fc42 rust-gix-actor-0.32.0-1.fc42 rust-gix-archive-0.15.0-1.fc42 rust-gix-attributes-0.22.5-1.fc42 rust-gix-command-0.3.9-1.fc42 rust-gix-commitgraph-0.24.3-1.fc42 rust-gix-config-0.40.0-1.fc42 rust-gix-config-value-0.14.8-1.fc42 rust-gix-credentials-0.24.5-1.fc42 rust-gix-date-0.9.0-1.fc42 rust-gix-diff-0.46.0-1.fc42 rust-gix-dir-0.8.0-1.fc42 rust-gix-discover-0.35.0-1.fc42 rust-gix-features-0.38.2-3.fc42 rust-gix-filter-0.13.0-1.fc42 rust-gix-fs-0.11.3-1.fc42 rust-gix-glob-0.16.5-1.fc42 rust-gix-ignore-0.11.4-1.fc42 rust-gix-index-0.35.0-1.fc42 rust-gix-mailmap-0.24.0-1.fc42 rust-gix-negotiate-0.15.0-1.fc42 rust-gix-object-0.44.0-1.fc42 rust-gix-odb-0.63.0-1.fc42 rust-gix-pack-0.53.0-1.fc42 rust-gix-packetline-0.17.6-1.fc42 rust-gix-packetline-blocking-0.17.5-1.fc42 rust-gix-path-0.10.11-1.fc42 rust-gix-pathspec-0.7.7-1.fc42 rust-gix-prompt-0.8.7-1.fc42 rust-gix-protocol-0.45.3-1.fc42 rust-gix-ref-0.47.0-1.fc42 rust-gix-refspec-0.25.0-1.fc42 rust-gix-revision-0.29.0-1.fc42 rust-gix-revwalk-0.15.0-1.fc42 rust-gix-sec-0.10.8-1.fc42 rust-gix-status-0.13.0-1.fc42 rust-gix-submodule-0.14.0-1.fc42 rust-gix-tempfile-14.0.2-1.fc42 rust-gix-trace-0.1.10-1.fc42 rust-gix-transport-0.42.3-1.fc42 rust-gix-traverse-0.41.0-1.fc42 rust-gix-url-0.27.5-1.fc42 rust-gix-validate-0.9.0-1.fc42 rust-gix-worktree-0.36.0-1.fc42 rust-gix-worktree-state-0.13.0-1.fc42 rust-gix-worktree-stream-0.15.0-1.fc42 rust-onefetch-2.21.0-4.fc42 rust-prodash-29.0.0-1.fc42 rust-rustsec-0.29.3-3.fc42 rust-tame-index-0.12.0-3.fc42 rust-vergen-8.3.1-4.fc42 stgit-2.4.12-1.fc42
FEDORA-2024-1b3089c689 Packages in this update: helix-24.07-2.fc42 rust-cargo-0.79.0-4.fc42 rust-cargo-deny-0.14.24-3.fc42 rust-dua-cli-2.29.2-1.fc42 rust-gix-0.66.0-1.fc42 rust-gix-actor-0.32.0-1.fc42 rust-gix-archive-0.15.0-1.fc42 rust-gix-attributes-0.22.5-1.fc42 rust-gix-command-0.3.9-1.fc42 rust-gix-commitgraph-0.24.3-1.fc42 rust-gix-config-0.40.0-1.fc42 rust-gix-config-value-0.14.8-1.fc42 rust-gix-credentials-0.24.5-1.fc42 rust-gix-date-0.9.0-1.fc42 rust-gix-diff-0.46.0-1.fc42...
webkitgtk-2.46.0-1.fc39
FEDORA-2024-01501ccce2 Packages in this update: webkitgtk-2.46.0-1.fc39 Update description: Use Skia instead of cairo for 2D rendering and enable GPU rendering...
chromium-129.0.6668.58-1.fc41
FEDORA-2024-b85d941d78 Packages in this update: chromium-129.0.6668.58-1.fc41 Update description: update to 129.0.6668.58 High CVE-2024-8904: Type Confusion in V8 Medium CVE-2024-8905: Inappropriate...
chromium-129.0.6668.58-1.el8
FEDORA-EPEL-2024-2cc55c9f93 Packages in this update: chromium-129.0.6668.58-1.el8 Update description: update to 129.0.6668.58 High CVE-2024-8904: Type Confusion in V8 Medium CVE-2024-8905: Inappropriate...
USN-7023-1: Git vulnerabilities
Maxime Escourbiac and Yassine Bengana discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue...
Stored XSS in “Edit Profile” – htmlyv2.9.9
Posted by Andrey Stoykov on Sep 18 # Exploit Title: Stored XSS in "Edit Profile" - htmlyv2.9.9 # Date: 9/2024...