CVE-2019-6978: double free in the gdImage*Ptr in gd_jpeg.c, and gd_wbmp.c
sudo dnf upgrade --refresh --advisory=FEDORA-2019-76fbe24cab
This update has been submitted for testing by caolanm.
This update has been pushed to testing.
I got dnf errors relating to this libwmf update and gimp. gimp-2.10.8-5.fc29 requires libwmf-0.2.so.7 and libwmflite-0.2.so.7, but libwmf-0.2.11-1.fc29 provides libwmf-0.2.so.8 and libwmf-lite-0.2.11-1.fc29 provides libwmflite-0.2.so.8. libabiword, GraphicsMagick, ImageMagick-libs also depend on libwmf-0.2.so.7 and/or libwmflite-0.2.so.7. Rebuilding gimp, libabiword, GraphicsMagick, ImageMagick to use this libwmf update might avoid further dnf errors. I filed the following report with more details https://bugzilla.redhat.com/show_bug.cgi?id=1671621
Such errors touches libabiword too:
package libabiword-1:3.0.2-13.fc29.x86_64 requires libwmf-0.2.so.7()(64bit), but none of the providers can be installed
- cannot install both libwmf-0.2.11-1.fc29.x86_64 and libwmf-0.2.10-1.fc29.x86_64
Problem: problem with installed package ImageMagick-libs-1:184.108.40.206-3.fc29.x86_64
- package ImageMagick-libs-1:220.127.116.11-3.fc29.x86_64 requires libwmflite-0.2.so.7()(64bit), but none of the providers can be installed
- cannot install both libwmf-lite-0.2.11-1.fc29.x86_64 and libwmf-lite-0.2.10-1.fc29.x86_64
- cannot install both libwmf-lite-0.2.10-1.fc29.x86_64 and libwmf-lite-0.2.11-1.fc29.x86_64
- package libwmf-0.2.11-1.fc29.x86_64 requires libwmflite-0.2.so.8()(64bit), but none of the providers can be installed
- cannot install the best update candidate for package libwmf-0.2.10-1.fc29.x86_64
Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.
This breaks packages using libwmf as the soname changes.
This update has been unpushed.
besser82 edited this update.
Karma has been reset.
This update has been submitted for testing by besser82.
Rebuilt packages are not needed anymore as this NVR reverts the soname bump.
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes
This update has been submitted for batched by caolanm.
This update has been submitted for stable by caolanm.
This update has been pushed to stable.
Please login to add feedback.
Confirm request to re-trigger tests.
Copyright © 2007-2023 Red Hat, Inc. and
bodhi-server 7.0.1 on
bodhi is Free Software.
if you have any problems. Read the documentation.