User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2013-23192 (devscripts)

From:  updates@fedoraproject.org
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 20 Update: devscripts-2.13.5-2.fc20
Date:  Sat, 21 Dec 2013 02:17:23 +0000
Message-ID:  <20131221021723.742DE21D77@bastion01.phx2.fedoraproject.org>

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-23192 2013-12-11 16:31:11 -------------------------------------------------------------------------------- Name : devscripts Product : Fedora 20 Version : 2.13.5 Release : 2.fc20 URL : http://packages.debian.org/unstable/admin/devscripts Summary : Scripts for Debian Package maintainers Description : Scripts to make the life of a Debian Package maintainer easier. -------------------------------------------------------------------------------- Update Information: Fix code execution flaw in uscan, CVE request: http://www.openwall.com/lists/oss-security/2013/12/11/4 Update to release 2.13.5, see http://ftp-master.metadata.debian.org/changelogs//main/d/... for details. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 11 2013 Sandro Mani <manisandro@gmail.com> - 2.13.5-2 - Add upstream patch to fix arbitrary command execution when using USCAN_EXCLUSION (rhbz#1040266, debian#731849) * Thu Dec 5 2013 Sandro Mani <manisandro@gmail.com> - 2.13.5-1 - Update to 2.13.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1040266 - CVE-2013-7050 devscripts: code execution flaw in uscan https://bugzilla.redhat.com/show_bug.cgi?id=1040266 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update devscripts' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds