| |||||||||||||||||||
Fedora alert FEDORA-2010-2341 (mingw32-libltdl)
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-2341 2010-02-21 20:50:57 -------------------------------------------------------------------------------- Name : mingw32-libltdl Product : Fedora 12 Version : 1.5.26 Release : 20.fc12 URL : http://www.gnu.org/software/libtool/ Summary : Runtime libraries for GNU Libtool Dynamic Module Loader Description : The mingw32-libltdl package contains the GNU Libtool Dynamic Module Loader, a library that provides a consistent, portable interface which simplifies the process of using dynamic modules, for the mingw32 cross compilation environment. These runtime libraries are needed by programs that link directly to the system-installed ltdl libraries; they are not needed by software built using the rest of the GNU Autotools (including GNU Autoconf and GNU Automake). -------------------------------------------------------------------------------- Update Information: Not sure whether mingw32-libltdl (due to its special nature in being for cross- compilation development for an entirely different system) is actually affected by CVE-2009-3736, but this should make sure everything is fixed. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 11 2010 Hans Ulrich Niedermann <hun@n-dimensional.de> - 1.5.26-20 - Re-enable debuginfo magic. It needs define macros, not global ones. * Thu Feb 11 2010 Hans Ulrich Niedermann <hun@n-dimensional.de> - 1.5.26-19 - Disabled last debug-related percent sign * Thu Feb 11 2010 Hans Ulrich Niedermann <hun@n-dimensional.de> - 1.5.26-18 - Also deactivate __debug_install_post * Thu Feb 11 2010 Hans Ulrich Niedermann <hun@n-dimensional.de> - 1.5.26-17 - Unfuzz the CVE-2009-3736 patch - Deactivate the _mingw32_debug_package macro until it works again * Thu Feb 11 2010 Hans Ulrich Niedermann <hun@n-dimensional.de> - 1.5.26-16 - Fix CVE-2009-3736 (#563980, #537941) - Change define macros into global macros * Sat Jan 2 2010 Hans Ulrich Niedermann <hun@n-dimensional.de> - 1.5.26-15 - Automatically generate debuginfo subpackage -------------------------------------------------------------------------------- References: [ 1 ] Bug #537941 - CVE-2009-3736 libtool: libltdl may load and execute code from a library in the current directory https://bugzilla.redhat.com/show_bug.cgi?id=537941 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update mingw32-libltdl' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-... (Log in to post comments)
|
|||||||||||||||||||