| From: |
| updates@fedoraproject.org |
| To: |
| package-announce@lists.fedoraproject.org |
| Subject: |
| [SECURITY] Fedora 17 Update: FlightGear-2.6.0-3.fc17 |
| Date: |
| Wed, 29 May 2013 00:56:54 +0000 |
| Message-ID: |
| <20130529005653.59721215EC@bastion01.phx2.fedoraproject.org> |
| Archive-link: |
| Article, Thread
|
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-8721
2013-05-21 07:05:02
--------------------------------------------------------------------------------
Name : FlightGear
Product : Fedora 17
Version : 2.6.0
Release : 3.fc17
URL : http://www.flightgear.org/
Summary : The FlightGear Flight Simulator
Description :
The Flight Gear project is working to create a sophisticated flight
simulator framework for the development and pursuit of interesting
flight simulator ideas. We are developing a solid basic sim that can be
expanded and improved upon by anyone interested in contributing
--------------------------------------------------------------------------------
Update Information:
This update adds a fix to an uncontrolled format string vulnerability discovered in the cloud
layers handling code.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 15 2013 Fabrice Bellet <fabrice@bellet.info> 2.6.0-3
- fix another uncontrolled format string vulnerability (#958312)
* Tue May 29 2012 Tom Callaway <spot@fedoraproject.org> 2.6.0-2
- check that printf format strings are never %n (CVE-2012-2090)
- use snprintf with a max size of 256 to prevent rotor name overflow (CVE-2012-2091)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #958312 - FlightGear: improper handling of format strings
https://bugzilla.redhat.com/show_bug.cgi?id=958312
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update FlightGear' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-...
(
Log in to post comments)