| |||||||||||||
|
| |||||||||||||
Security advisories for WednesdayDebian has updated openssh (denial of service). Fedora has updated fedora-package-config-apt (F8, F9: new update repositories), fedora-package-config-smart (F8, F9: new update repositories), tomcat5 (F8, F9: multiple vulnerabilities). Mandriva has updated R-base (arbitrary file overwrite), koffice (arbitrary code execution). Red Hat has updated RealPlayer (removed due to arbitrary code execution flaw). rPath has updated tshark, wireshark (multiple denial of service vulnerabilities). SUSE has updated gnutls (multiple vulnerabilities), java (multiple vulnerabilities). (Log in to post comments)
Security advisories for Wednesday Posted Sep 18, 2008 13:28 UTC (Thu) by ledow (guest, #11753) [Link]
Seems quite a bold move on the Red Hat/RealPlayer part - they've just removed the RealPlayer package entirely. I imagine that some people might be hit by this, especially as they aren't providing the updated version because it contains "proprietry codecs" (a funny statement if ever there was one - what did it contain before?).
I understand the problem - you can't have abitrary code execution OR an unlicensed codec and there's little other choice, but I would have thought they would have made more of a fuss about this or, alternatively, negotiated with Real beforehand to try to sort out either problem.
But then, there you go - that's what you get for bundling closed-source apps, I suppose.
Security advisories for Wednesday Posted Sep 19, 2008 21:00 UTC (Fri) by rahulsundaram (subscriber, #21946) [Link]
RealPlayer and other proprietary applications are included in a separate supplementary channel in RHN and is unsupported. It is not bundled within the distribution and never installed by default. Most of them have been dropped over a period of time and Red Hat has put some effort into doing so. Developing and maintaining Evince including forms support and Liberation fonts for instance.
|
|
||||||||||||