Fedora alert FEDORA-2010-13698 (libgdiplus)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 13 Update: libgdiplus-2.6.7-2.fc13 | |
| Date: | Thu, 09 Sep 2010 01:21:21 +0000 | |
| Message-ID: | <20100909012121.34277110F19@bastion02.phx2.fedoraproject.org> | |
| Archive‑link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-13698 2010-08-30 17:43:54 -------------------------------------------------------------------------------- Name : libgdiplus Product : Fedora 13 Version : 2.6.7 Release : 2.fc13 URL : http://www.mono-project.com/Main_Page Summary : An Open Source implementation of the GDI+ API Description : An Open Source implementation of the GDI+ API, it is part of the Mono Project -------------------------------------------------------------------------------- Update Information: * bugfix for three integer overflow errors (CVE-2010-1526) -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 25 2010 Christian Krause <chkr@fedoraproject.org> - 2.6.7-2 - Add upstream patch for CVE-2010-1526 * Tue Jul 27 2010 Christian Krause <chkr@fedoraproject.org> - 2.6.7-1 - Update to 2.6.7 release - Add BR giflib-devel and libexif-devel * Sun Jun 20 2010 Christian Krause <chkr@fedoraproject.org> - 2.6.4-1 - Cleanup spec file - Remove removal of -Werror - not applicable anymore * Tue Apr 27 2010 Paul F. Johnson <paul@all-the-johnsons.co.uk> 2.6.4-1 - Update to the 2.6.4 release - URL and source locations fixed in spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #626821 - CVE-2010-1526 libgdiplus: Integer overflows by loading 1, TIFF 2, JPEG and 3, BMP images https://bugzilla.redhat.com/show_bug.cgi?id=626821 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update libgdiplus' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...