Fedora alert FEDORA-2014-17281 (unrtf)

From:
    	     
 
updates@fedoraproject.org 
To:
    	     
 
package-announce@lists.fedoraproject.org 
Subject:
    	     
 
[SECURITY] Fedora 21 Update: unrtf-0.21.7-1.fc21 
Date:
    	     
 
Sat, 03 Jan 2015 19:03:52 +0000
Message-ID:
    	     
 
<20150103190411.CF70E6087CFF@bastion01.phx2.fedoraproject.org>
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-17281
2014-12-19 17:11:24
--------------------------------------------------------------------------------

Name        : unrtf
Product     : Fedora 21
Version     : 0.21.7
Release     : 1.fc21
URL         : https://www.gnu.org/software/unrtf/unrtf.html
Summary     : RTF (Rich Text Format) to other formats converter
Description :
UnRTF is a command-line program written in C which converts documents in
Rich Text Format (.rtf) to HTML, LaTeX, troff macros, and RTF itself.
Converting to HTML, it supports a number of features of Rich Text Format:
    * Changes in the text's font, size, weight (bold), and slant (italic)
    * Underlines and strikethroughs
    * Partial support for text shadowing, outlining, embossing, or engraving
    * Capitalizations
    * Superscripts and subscripts
    * Expanded and condensed text
    * Changes in the foreground and background colors
    * Conversion of special characters to HTML entities

--------------------------------------------------------------------------------
Update Information:

Update to the latest upstream release. This fixes a couple of security problems. See also the
[upstream changelog](http://hg.savannah.gnu.org/hgweb/unrtf/file/f5835113e0ed/...).
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 17 2014 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.21.7-1
- Upstream release 0.21.7 (RHBZ #1175241)
* Wed Dec 10 2014 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.21.6-2
- Drop NEWS file (upstream didn't ship this in 0.21.6)
* Wed Dec 10 2014 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.21.6-1
- Upstream release 0.21.6 (RHBZ #1172664)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1170233 - CVE-2014-9274 CVE-2014-9275 unrtf: out-of-bounds memory access
vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=1170233
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update unrtf' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-...