UbuntuUpdates.org

Package "tracker-miners"

Name: tracker-miners

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • metadata database, indexer and search tool - metadata extractors
Latest version: 3.8.2-4ubuntu2.1
Release: questing (25.10)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "tracker-miners" in Questing

Repository Area Version
base universe 3.8.2-4ubuntu2
base main 3.8.2-4ubuntu2
security main 3.8.2-4ubuntu2.1
security universe 3.8.2-4ubuntu2.1
updates universe 3.8.2-4ubuntu2.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.8.2-4ubuntu2.1 2026-02-06 01:07:51 UTC

  tracker-miners (3.8.2-4ubuntu2.1) questing-security; urgency=medium

  * SECURITY UPDATE: Heap Buffer Overflow
    - debian/patches/CVE-2026-1764.patch: check for valid offsets
      extracting MP3 performer tags in
      src/tracker-extract/tracker-extract-mp3.c.
    - CVE-2026-1764
  * SECURITY UPDATE: NULL Pointer Dereference
    - debian/patches/bug426.patch: bail out on 0-size frame for ID3v2.0
      tags in src/tracker-extract/tracker-extract-mp3.c.
    - No CVE number
  * SECURITY UPDATE: Heap Buffer Overflow
    - debian/patches/CVE-2026-1765.patch: check for buffer boundaries
      extracting MP3 TXXX tags in
      src/tracker-extract/tracker-extract-mp3.c.
    - CVE-2026-1765
  * SECURITY UPDATE: Heap Buffer Overflow
    - debian/patches/CVE-2026-1766-pre1.patch: minor code refactor in
      src/tracker-extract/tracker-extract-mp3.c.
    - debian/patches/CVE-2026-1766.patch: refactor/fix handling of COMM
      tags in src/tracker-extract/tracker-extract-mp3.c.
    - CVE-2026-1766
  * SECURITY UPDATE: Heap Buffer Overflow
    - debian/patches/CVE-2026-1767.patch: fix accounting of offsets within
      MP3 performer tags in src/tracker-extract/tracker-extract-mp3.c.
    - CVE-2026-1767

 -- Marc Deslauriers <email address hidden> Tue, 03 Feb 2026 12:27:02 -0500
CVE-2026-1764 Heap Buffer Overflow in GNOME localsearch MP3 Extractor
CVE-2026-1765 Heap Buffer Overflow in GNOME localsearch MP3 Extractor (TXXX Tags)
CVE-2026-1766 Heap Buffer Overflow in GNOME localsearch MP3 Extractor (ID3v2.3 COMM Tags)
CVE-2026-1767 Heap Buffer Overflow in GNOME localsearch MP3 Extractor


About   -   Send Feedback to @ubuntu_updates