AtomicParsley: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in AtomicParsley, the worst of which could result in arbitrary code execution. atomicparsley,atomicparsley-wez 2023-05-03 2023-05-03 806845 remote 0.9.6_p20210715_p151551 0.9.6_p20210715_p151551 0.9.6

AtomicParsley is a command line program for manipulating iTunes-style metadata in MPEG4 files.

Multiple vulnerabilities have been discovered in AtomicParsley. Please review the CVE identifiers referenced below for details.

Please review the referenced CVE identifiers for details.

Users can pass only trusted input to AtomicParsley.

Previously, the "wez" AtomicParsley fork was packaged in Gentoo as media-video/atomicparsley-wez. This fork is now packaged as media-video/atomicparsley, so users of the fork's package should now depclean it:

# emerge --ask --depclean "media-video/atomicparsley-wez"

All AtomicParsley users should upgrade to the latest version, which is a packaging of the "wez" AtomicParsley fork:

# emerge --sync # emerge --ask --oneshot --verbose ">=media-video/atomicparsley-0.9.6_p20210715_p151551" CVE-2021-37231 CVE-2021-37232 ajak sam