[SECURITY] Fedora 18 Update: autotrace-0.31.1-34.fc18

updates at fedoraproject.org updates at fedoraproject.org
Tue Jul 9 01:40:45 UTC 2013


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-12032
2013-06-30 23:33:36
--------------------------------------------------------------------------------

Name        : autotrace
Product     : Fedora 18
Version     : 0.31.1
Release     : 34.fc18
URL         : http://autotrace.sourceforge.net/
Summary     : Utility for converting bitmaps to vector graphics
Description :
AutoTrace is a program for converting bitmaps to vector graphics.

Supported input formats include BMP, TGA, PNM, PPM, and any format
supported by ImageMagick, whereas output can be produced in
Postscript, SVG, xfig, SWF, and others.

--------------------------------------------------------------------------------
Update Information:

This is an update that fixes possible buffer overflow when parsing BMP files.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 28 2013 Jaroslav Škarvada <jskarvad at redhat.com> - 0.31.1-34
- Fixed buffer overflow when parsing BMP files
  Resolves: CVE-2013-1953
* Mon Mar 18 2013 Jon Ciesla <limburgher at gmail.com> - 0.31.1-33
- ImageMagick rebuild.
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.31.1-32
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #951257 - CVE-2013-1953 autotrace: buffer overflow when parsing BMP files
        https://bugzilla.redhat.com/show_bug.cgi?id=951257
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update autotrace' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list