LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2008-8379 (emacspeak)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 9 Update: emacspeak-28.0-3.fc9


Date:
    	      Wed, 01 Oct 2008 06:34:17 +0000


Message-ID:
    	      <20081001063417.153852084BD@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-8379
2008-10-01 05:58:30
--------------------------------------------------------------------------------

Name        : emacspeak
Product     : Fedora 9
Version     : 28.0
Release     : 3.fc9
URL         : http://emacspeak.sourceforge.net/
Summary     : emacspeak -- The Complete Audio Desktop
Description :
Emacspeak is a speech interface that allows visually impaired users to
interact independently and efficiently with the computer. Emacspeak has
dramatically changed how the author and hundreds of blind and visually
impaired users around the world interact with the personal computer and
the Internet. A rich suite of task-oriented speech-enabled tools provides
efficient speech-enabled access to the evolving semantic WWW.
When combined with Linux running on low-cost PC hardware,
Emacspeak/Linux provides a reliable, stable speech-friendly solution that
opens up the Internet to visually impaired users around the world.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep 26 2008 Jens Petersen <petersen@redhat.com> - 28.0-3
- (CVE-2008-4191) fix tmpfile vulnerability in extract-table.pl with
  emacspeak-28.0-tmpfile.patch from upstream svn (#463820)
* Fri Sep 26 2008 Jens Petersen <petersen@redhat.com> - 28.0-2
- fix broken generated deps reported by mtasaka (#463899)
- script the replacement of tcl with tclsh to fix missing dtk-soft
- replace python2.4 with python in HTTPSpeaker.py
* Thu Sep 25 2008 Jens Petersen <petersen@redhat.com> - 28.0-1
- update to 28.0 with emacspeak-28.0-no-httpd.patch
- replace emacspeak-tcl-pkgreq-tclx.patch with sed
- emacspeak-no-linux-espeak.patch no longer needed
- update emacspeak-15.0-fixpref.patch for patch fuzz
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #463820 - CVE-2008-4191 emacspeak: Insecure auxiliary /tmp file usage (symlink attack
possible) [Fedora 9]
        https://bugzilla.redhat.com/show_bug.cgi?id=463820
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update emacspeak' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds