LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

openSUSE and the distribution of proprietary software

LPC: What's happening with webcams

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Fedora alert FEDORA-2008-6491 (chmsee)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 8 Update: chmsee-1.0.0-3.31.fc8


Date:
    	      Fri, 18 Jul 2008 08:07:34 +0000


Message-ID:
    	      <200807180807.m6I86gxE019069@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-6491
2008-07-18 01:38:21
--------------------------------------------------------------------------------

Name        : chmsee
Product     : Fedora 8
Version     : 1.0.0
Release     : 3.31.fc8
URL         : http://chmsee.gro.clinux.org/
Summary     : A Gtk+2 CHM document viewer
Description :
A gtk2 chm document viewer.

It uses chmlib to extract files. It uses gecko to display pages. It supports
displaying multilingual pages due to gecko. It features bookmarks and tabs.
The tabs could be used to jump inside the chm file conveniently. Its UI is
clean and handy, also is well localized. It is actively developed and
maintained. The author of chmsee is Jungle Ji and several other great people.

Hint
* Unlike other chm viewers, chmsee extracts files from chm file, and then read
and display them. The extracted files could be found in $HOME/.chmsee/bookshelf
directory. You can clean those files at any time and there is a special config
option for that.
* The bookmark is related to each file so not all bookmarks will be loaded,
only current file's.
* Try to remove $HOME/.chmsee if you encounter any problem after an upgrade.

--------------------------------------------------------------------------------
Update Information:

Updated firefox packages that fix several security issues are now available for
Fedora 8.    An integer overflow flaw was found in the way Firefox displayed
certain web content. A malicious web site could cause Firefox to crash, or
execute arbitrary code with the permissions of the user running Firefox.
(CVE-2008-2785)    A flaw was found in the way Firefox handled certain command
line URLs. If another application passed Firefox a malformed URL, it could
result in Firefox executing local malicious content with chrome privileges.
(CVE-2008-2933)    Updated packages update Mozilla Firefox to upstream version
2.0.0.16 to address these flaws:    http://www.mozilla.org/security/known-
vulnerabilities/firefox20.html#firefox2.0.0.16    This update also contains
blam, cairo-dock, chmsee, devhelp, epiphany, epiphany-extensions, galeon, gnome-
python2-extras, gnome-web-photo, gtkmozembedmm, kazehakase, liferea, Miro,
openvrml, ruby-gnome2 and yelp packages rebuilt against new Firefox / Gecko
libraries.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 15 2008 Christopher Aillon <caillon@redhat.com> - 1.0.0-3.31
- Rebuild against newer gecko
* Wed Jul  2 2008 Christopher Aillon <caillon@redhat.com> - 1.0.0-2.31
- Rebuild against newer gecko
* Wed Apr 16 2008 Christopher Aillon <caillon@redhat.com> - 1.0.0-2.30
- Rebuild against newer gecko
* Tue Mar 25 2008 Christopher Aillon <caillon@redhat.com> - 1.0.0-1.30
- Rebuild against newer gecko
* Tue Mar  4 2008 bbbush <bbbush.yuan@gmail.com> - 1.0.0-1.29
- re-add firefox_version
* Fri Feb  8 2008 Christopher Aillon <caillon@redhat.com> - 1.0.0-1.28
- Rebuild against newer gecko
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #452204 - CVE-2008-2785 mozilla: CSS reference counter overflow (ZDI-CAN-349)
        https://bugzilla.redhat.com/show_bug.cgi?id=452204
  [ 2 ] Bug #454697 - CVE-2008-2933 Firefox command line URL launches multi-tabs
        https://bugzilla.redhat.com/show_bug.cgi?id=454697
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update chmsee' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds