|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2009-1187 (gedit)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 10 Update: gedit-2.24.3-3.fc10


Date:
    	      Thu, 29 Jan 2009 23:11:58 +0000


Message-ID:
    	      <20090129231158.EF9A4208DA8@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-1187
2009-01-29 22:32:49
--------------------------------------------------------------------------------

Name        : gedit
Product     : Fedora 10
Version     : 2.24.3
Release     : 3.fc10
URL         : http://gedit.sourceforge.net/
Summary     : gEdit is a small but powerful text editor for GNOME
Description :
gEdit is a small but powerful text editor designed specifically for
the GNOME GUI desktop.  gEdit includes a plug-in API (which supports
extensibility while keeping the core binary small), support for
editing multiple documents using notebook tabs, and standard text
editor functions.

You'll need to have GNOME and GTK+ installed to use gEdit.

--------------------------------------------------------------------------------
Update Information:

Untrusted search path vulnerability in gedit's Python module allows local users
to execute arbitrary code via a Trojan horse Python file in the current working
directory, related to an erroneous setting of sys.path by the PySys_SetArgv
function.    References:  http://bugzilla.gnome.org/show_bug.cgi?id=569214
http://www.nabble.com/Bug-484305%3A-bicyclerepair%3A-bike...
python-files-from-cwd-td18848099.html     The latest stable upstream release of
gedit.  From the release announcement:    New Features and Fixes
======================  - Backport some bugfixes from the developement version
New and updated translations  ============================  - Alexander Shopov
(bg)  - Priit Laes (et)  - Shankar Prasad (kn)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 26 2009 Ray Strode <rstrode@redhat.com> - 1:2.24.3-3
- Fix bug 481556 in a more functional way
* Mon Jan 26 2009 Ray Strode <rstrode@redhat.com> - 1:2.24.3-2
- Fix up python plugin path to close up a security attack
  vectors (bug 481556).
* Thu Jan 15 2009 Matthias Clasen <mclasen@redhat.com> - 1:2.24.3-1
- Update to 2.24.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #481556 - gedit: untrusted python modules search path
        https://bugzilla.redhat.com/show_bug.cgi?id=481556
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update gedit' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds