Fedora alert FEDORA-2010-12276 (uzbl)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 12 Update: uzbl-0-0.16.20100626gitafc0f873e.fc12 | |
| Date: | Sat, 21 Aug 2010 04:28:58 +0000 | |
| Message-ID: | <20100821042858.537DA10FCB1@bastion02.phx2.fedoraproject.org> | |
| Archive‑link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-12276 2010-08-07 22:46:22 -------------------------------------------------------------------------------- Name : uzbl Product : Fedora 12 Version : 0 Release : 0.16.20100626gitafc0f873e.fc12 URL : http://www.uzbl.org Summary : Lightweight WebKit browser following the UNIX philosophy Description : Uzbl is a lightweight web browser based on WebKit/Gtk+. Uzbl follows the UNIX philosophy - "Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface." -------------------------------------------------------------------------------- Update Information: Fix a bug in the default configuration for the mouse bindings that can allow crafted links to execute arbitrary shell code. Please check your local configuration and replace "\@SELECTED_URI" with "$8" in any string that is executed as shell code (usually involves "sh 'commands_here'"). -------------------------------------------------------------------------------- References: [ 1 ] Bug #621964 - CVE-2010-2809 uzbl: malicious code execution via unsanitized @SELECTED_URI https://bugzilla.redhat.com/show_bug.cgi?id=621964 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update uzbl' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...