LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2009-1366 (gpsdrive)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 9 Update: gpsdrive-2.09-7.fc9


Date:
    	      Thu, 05 Feb 2009 02:22:44 +0000


Message-ID:
    	      <20090205022244.97533208EB6@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-1366
2009-02-05 01:18:18
--------------------------------------------------------------------------------

Name        : gpsdrive
Product     : Fedora 9
Version     : 2.09
Release     : 7.fc9
URL         : http://www.gpsdrive.de/index.shtml
Summary     : A GPS based navigation tool
Description :
Gpsdrive is a map-based navigation system.
It displays your position on a zoomable map
provided from a NMEA-capable GPS receiver. The maps are autoselected
for the best resolution, depending of your position, and the displayed
image can be zoomed. Maps can be downloaded from the Internet with one
mouse click. The program provides information about speed, direction,
bearing, arrival time, actual position, and target position.
Speech output is also available. MySQL is supported.

--------------------------------------------------------------------------------
Update Information:

This update removes several helper scripts: geo-code, geo-nearest, and
gpssmswatch, which have been removed upstream due to security issues. This
update also has a fix for an issue with the splash screen.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb  2 2009 Kevin Fenzi <kevin@tummy.com> - 2.09-7
- fix for CVE-2008-4959 - bug 470241
- fix for CVE-2008-5380 - bug 475478
- fix for CVE-2008-5703 - bug 481702
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #470241 - CVE-2008-4959 gpsdrive: geo-code insecure temporary file use
        https://bugzilla.redhat.com/show_bug.cgi?id=470241
  [ 2 ] Bug #481702 - CVE-2008-5703 gpsdrive: insecure temporary file use in gpssmswatch and
splash.c
        https://bugzilla.redhat.com/show_bug.cgi?id=481702
  [ 3 ] Bug #475478 - CVE-2008-5380 gpsdrive: Insecure temporary file use in geo-code, geo-nearest
(symlink attack)
        https://bugzilla.redhat.com/show_bug.cgi?id=475478
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update gpsdrive' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds