User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2014-2391 (libgadu)

From:  updates@fedoraproject.org
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 20 Update: libgadu-1.12.0-0.3.rc2.fc20
Date:  Fri, 14 Feb 2014 08:04:08 +0000
Message-ID:  <20140214080408.EDF7922BD2@bastion01.phx2.fedoraproject.org>

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-2391 2014-02-12 14:03:29 -------------------------------------------------------------------------------- Name : libgadu Product : Fedora 20 Version : 1.12.0 Release : 0.3.rc2.fc20 URL : http://libgadu.net/ Summary : A Gadu-gadu protocol compatible communications library Description : libgadu is intended to make it easy to add Gadu-Gadu communication support to your software. -------------------------------------------------------------------------------- Update Information: Security vulnerability fix in HTTP protocol handling. A specially crafted server reply may cause memory overwrite and arbitrary code execution. (CVE-2013-6487). -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 11 2014 Dominik Mierzejewski <rpm@greysector.net> - 1.12.0-0.3.rc2 - update to 1.12.0-rc2 (fixes CVE-2013-6487) * Wed Dec 11 2013 Dominik Mierzejewski <rpm@greysector.net> - 1.12.0-0.2.rc1 - update to 1.12.0-rc1 - drop attr from file list * Wed Nov 6 2013 Dominik Mierzejewski <rpm@greysector.net> - 1.12.0-0.1.20131101git3f1b8ce - update to 1.12.0 prerelease from git (fixes CVE-2013-4488) - update Source and URL to new location - clean up spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1057489 - CVE-2013-6487 pidgin: Heap-based buffer overflow in Gadu-Gadu protocol plugin https://bugzilla.redhat.com/show_bug.cgi?id=1057489 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update libgadu' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds