Fedora alert FEDORA-2015-2730 (cabextract)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 20 Update: cabextract-1.5-1.fc20 | |
| Date: | Mon, 09 Mar 2015 08:22:01 +0000 | |
| Message-ID: | <20150309082201.3F77260BCD55@bastion01.phx2.fedoraproject.org> |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-2730 2015-02-27 06:03:47 -------------------------------------------------------------------------------- Name : cabextract Product : Fedora 20 Version : 1.5 Release : 1.fc20 URL : http://www.cabextract.org.uk/ Summary : Utility for extracting cabinet (.cab) archives Description : cabextract is a program which can extract files from cabinet (.cab) archives. -------------------------------------------------------------------------------- Update Information: Security fix for directory traversal with UTF-8 symbols in filenames. Fixed in upstream version 1.5. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 Juan Orti Alcaine <jorti@fedoraproject.org> - 1.5-1 - Updated to 1.5 * Fri Aug 15 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1193952 - CVE-2015-2060 cabextract: directory traversal with UTF-8 symbols in filenames https://bugzilla.redhat.com/show_bug.cgi?id=1193952 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update cabextract' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...