FEDORA-EPEL-2024-07e8f5f1f0
Packages in this update:
libopenmpt-0.7.6-1.el7
Update description:
libopenmpt 0.7.6 (2024-03-24)
[Sec] Potential heap out-of-bounds read or write past sample end with malformed sustain loops in SymMOD files (r20420).
MED: Transposed samples were playing too low in some files (e.g. mix94.mmd1).
OKT: Some files with garbage at the end were rejected (e.g. katharsis – piano lesson.okta).
Compressor DMO: It was possible that the plugin would not behave as intended at mix rates above 500 kHz.
Avoid re-allocating the loop state map contents on every playthrough of the module.
libopenmpt 0.7.5 (2024-03-17)
[Sec] Null-pointer write (32bit platforms) or excessive memory allocation (64bit platforms) when reading close to 4GiB of data from unseekable files (r20336, r20338).
[Sec] Write buffer overflow when reading unseekable files close to 4GiB in size (r20339).
[Sec] Possible out-of-memory (32bit platforms) or excessive memory allocation (64bit platforms) when reading malformed data from unseekable files (r20340).
[Sec] DMF: Possible null-pointer write or excessive memory allocation when reading DMF files (r20323).
IT: In the previous version, Zxx macros in IT files made with older MPT versions were no longer working.
There was a periodic click when playing a module using the Chorus or Flanger DMO plugin at a mix rate exceeding ~136.5 kHz.
An older bugfix for undefined behaviour in the Distortion DMO plugin was incorrect, causing the distorted sound to be different in some situations.
xmp-openmpt: Metadata retrievel for playlist items was broken.
libopenmpt 0.7.4 (2024-03-03)
[Bug] Makefile: libopenmpt 0.7.3 broke running the test suite for Emscripten builds.
openmpt123: openmpt123 now uses a narrower layout on terminal windows with a width of less than 72 characters.
Setting all possible load_skip flags resulted in nothing being loaded at all, instead of just not loading the selected module parts.
When playing all subsongs, set_position_seconds didn’t always calculate the correct subsong to jump to.
IT: A few more compatibility flags are now disabled for modules saved with earlier Schism Tracker versions.
IT: MIDI macros were reset in IT 2.14 / 2.15 files that declared to be compatible with older IT versions (fixes spx-visionsofthepast.it).
OKT: Work around missing negative arpeggio implementation by transposing the notes up an octave.
OKT: Channel volume commands were sometimes lost over less important effects.
IMF: Ignore magic bytes in sample header. “Leaving All Behind” by Karsten Koch uses unexpected magic bytes, Orpheus ignores them just like the instrument header magic bytes.
zlib: Update to v1.3.1 (2024-01-22).
mpg123: Update to v1.32.5 (2024-02-17).
pugixml: Update to v1.14 (2023-10-01).
More Stories
USN-6968-2: PostgreSQL vulnerability
USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16 This update provides the corresponding updates for PostgreSQL-9.5 in Ubuntu 16.04 LTS....
USN-7015-2: Python vulnerabilities
USN-7015-1 fixed several vulnerabilities in Python. This update provides one of the corresponding updates for python2.7 for Ubuntu 16.04 LTS,...
USN-7027-1: Emacs vulnerabilities
It was discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands....
USN-7024-1: tgt vulnerability
It was discovered that tgt attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1,...
helix-24.07-2.fc42 rust-cargo-0.79.0-4.fc42 rust-cargo-deny-0.14.24-3.fc42 rust-dua-cli-2.29.2-1.fc42 rust-gix-0.66.0-1.fc42 rust-gix-actor-0.32.0-1.fc42 rust-gix-archive-0.15.0-1.fc42 rust-gix-attributes-0.22.5-1.fc42 rust-gix-command-0.3.9-1.fc42 rust-gix-commitgraph-0.24.3-1.fc42 rust-gix-config-0.40.0-1.fc42 rust-gix-config-value-0.14.8-1.fc42 rust-gix-credentials-0.24.5-1.fc42 rust-gix-date-0.9.0-1.fc42 rust-gix-diff-0.46.0-1.fc42 rust-gix-dir-0.8.0-1.fc42 rust-gix-discover-0.35.0-1.fc42 rust-gix-features-0.38.2-3.fc42 rust-gix-filter-0.13.0-1.fc42 rust-gix-fs-0.11.3-1.fc42 rust-gix-glob-0.16.5-1.fc42 rust-gix-ignore-0.11.4-1.fc42 rust-gix-index-0.35.0-1.fc42 rust-gix-mailmap-0.24.0-1.fc42 rust-gix-negotiate-0.15.0-1.fc42 rust-gix-object-0.44.0-1.fc42 rust-gix-odb-0.63.0-1.fc42 rust-gix-pack-0.53.0-1.fc42 rust-gix-packetline-0.17.6-1.fc42 rust-gix-packetline-blocking-0.17.5-1.fc42 rust-gix-path-0.10.11-1.fc42 rust-gix-pathspec-0.7.7-1.fc42 rust-gix-prompt-0.8.7-1.fc42 rust-gix-protocol-0.45.3-1.fc42 rust-gix-ref-0.47.0-1.fc42 rust-gix-refspec-0.25.0-1.fc42 rust-gix-revision-0.29.0-1.fc42 rust-gix-revwalk-0.15.0-1.fc42 rust-gix-sec-0.10.8-1.fc42 rust-gix-status-0.13.0-1.fc42 rust-gix-submodule-0.14.0-1.fc42 rust-gix-tempfile-14.0.2-1.fc42 rust-gix-trace-0.1.10-1.fc42 rust-gix-transport-0.42.3-1.fc42 rust-gix-traverse-0.41.0-1.fc42 rust-gix-url-0.27.5-1.fc42 rust-gix-validate-0.9.0-1.fc42 rust-gix-worktree-0.36.0-1.fc42 rust-gix-worktree-state-0.13.0-1.fc42 rust-gix-worktree-stream-0.15.0-1.fc42 rust-onefetch-2.21.0-4.fc42 rust-prodash-29.0.0-1.fc42 rust-rustsec-0.29.3-3.fc42 rust-tame-index-0.12.0-3.fc42 rust-vergen-8.3.1-4.fc42 stgit-2.4.12-1.fc42
FEDORA-2024-1b3089c689 Packages in this update: helix-24.07-2.fc42 rust-cargo-0.79.0-4.fc42 rust-cargo-deny-0.14.24-3.fc42 rust-dua-cli-2.29.2-1.fc42 rust-gix-0.66.0-1.fc42 rust-gix-actor-0.32.0-1.fc42 rust-gix-archive-0.15.0-1.fc42 rust-gix-attributes-0.22.5-1.fc42 rust-gix-command-0.3.9-1.fc42 rust-gix-commitgraph-0.24.3-1.fc42 rust-gix-config-0.40.0-1.fc42 rust-gix-config-value-0.14.8-1.fc42 rust-gix-credentials-0.24.5-1.fc42 rust-gix-date-0.9.0-1.fc42 rust-gix-diff-0.46.0-1.fc42...
USN-7025-1: LibreOffice vulnerability
It was discovered that LibreOffice would incorrectly handle digital signature verification after repairing a corrupted document. A remote attacker could...