Package "tracker-extract"
| Name: |
tracker-extract
|
Description: |
metadata database, indexer and search tool - metadata extractors
|
| Latest version: |
3.8.2-4ubuntu2.1 |
| Release: |
questing (25.10) |
| Level: |
updates |
| Repository: |
main |
| Head package: |
tracker-miners |
| Homepage: |
https://tracker.gnome.org/ |
Links
Download "tracker-extract"
Other versions of "tracker-extract" in Questing
Changelog
|
tracker-miners (3.8.2-4ubuntu2.1) questing-security; urgency=medium
* SECURITY UPDATE: Heap Buffer Overflow
- debian/patches/CVE-2026-1764.patch: check for valid offsets
extracting MP3 performer tags in
src/tracker-extract/tracker-extract-mp3.c.
- CVE-2026-1764
* SECURITY UPDATE: NULL Pointer Dereference
- debian/patches/bug426.patch: bail out on 0-size frame for ID3v2.0
tags in src/tracker-extract/tracker-extract-mp3.c.
- No CVE number
* SECURITY UPDATE: Heap Buffer Overflow
- debian/patches/CVE-2026-1765.patch: check for buffer boundaries
extracting MP3 TXXX tags in
src/tracker-extract/tracker-extract-mp3.c.
- CVE-2026-1765
* SECURITY UPDATE: Heap Buffer Overflow
- debian/patches/CVE-2026-1766-pre1.patch: minor code refactor in
src/tracker-extract/tracker-extract-mp3.c.
- debian/patches/CVE-2026-1766.patch: refactor/fix handling of COMM
tags in src/tracker-extract/tracker-extract-mp3.c.
- CVE-2026-1766
* SECURITY UPDATE: Heap Buffer Overflow
- debian/patches/CVE-2026-1767.patch: fix accounting of offsets within
MP3 performer tags in src/tracker-extract/tracker-extract-mp3.c.
- CVE-2026-1767
-- Marc Deslauriers <email address hidden> Tue, 03 Feb 2026 12:27:02 -0500
|
| CVE-2026-1764 |
Heap Buffer Overflow in GNOME localsearch MP3 Extractor |
| CVE-2026-1765 |
Heap Buffer Overflow in GNOME localsearch MP3 Extractor (TXXX Tags) |
| CVE-2026-1766 |
Heap Buffer Overflow in GNOME localsearch MP3 Extractor (ID3v2.3 COMM Tags) |
| CVE-2026-1767 |
Heap Buffer Overflow in GNOME localsearch MP3 Extractor |
|
About
-
Send Feedback to @ubuntu_updates
