Detalji

U radu programskog paketa maniadrive, namijenjenog operacijskim sustavima Fedora 13 i 14, otkrivena je nova sigurnosna ranjivost. Radi se o besplatnoj kopiji paketa Trackmania, igrice za utrke automobilima. Pogreška se javlja zbog neodgovarajućeg rukovanja određenom numeričkom vrijednosti koja dodjelom varijabli može uzrokovati pojavu beskonačne petlje. Ovaj problem potencijalni napadač može iskoristiti za izvođenje DoS napada. Kako je dostupna poboljšana programska nadogradnja, svi se korisnici upućuju na njenu primjenu. 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-0321
2011-01-12 05:02:33
--------------------------------------------------------------------------------

Name        : maniadrive
Product     : Fedora 13
Version     : 1.2
Release     : 26.fc13.1
URL         : http://maniadrive.raydium.org/
Summary     : 3D stunt driving game
Description :
ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous
gameplay (tracks almost never exceed one minute). Features: Complex car
physics, Challenging "story mode", LAN and Internet mode, Live scores,
Track editor, Dedicated server with HTTP interface and More than 30 blocks.

--------------------------------------------------------------------------------
Update Information:

This release resolves a critical issue, reported as PHP bug #53632 and
CVE-2010-4645, where conversions from string to double might cause the PHP
interpreter to hang on systems using x87 FPU registers.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 11 2011 Remi Collet <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.2-26.1
- rebuild
* Tue Jan 11 2011 Hans de Goede <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.2-26
- Fix story mode not working with php >= 5.3.5 (rhbz#668657)
* Sun Jan  9 2011 Hans de Goede <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.2-25
- Fix a crash when pressing 't', which enables the drawing of ode
  wire frames (rhbz#657353)
* Sat Jan  8 2011 Remi Collet <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.2-24
- Rebuild for new php 5.3.5
* Sun Dec 12 2010 Remi Collet <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.2-23
- Rebuild for new php 5.3.4
* Thu Jul 22 2010 Remi Collet <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.2-22
- Rebuild for new php 5.3.3
* Sat Mar  6 2010 Remi Collet <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.2-21
- Rebuild for new php 5.3.2
* Mon Feb 22 2010 Hans de Goede <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.2-20
- Fix FTBFS (#564773)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #667806 - CVE-2010-4645 php: hang on numeric value
2.2250738585072011e-308 with x87 fpu
        https://bugzilla.redhat.com/show_bug.cgi?id=667806
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update maniadrive' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-0329
2011-01-12 05:02:52
--------------------------------------------------------------------------------

Name        : maniadrive-data
Product     : Fedora 14
Version     : 1.2
Release     : 5.fc14
URL         : http://maniadrive.raydium.org/
Summary     : Data files for maniadrive, a 3D stunt driving game
Description :
Data files for maniadrive, a 3D stunt driving game. Notice this package does
not include the original ManiaDrive soundtrack as the original soundtrack is
licensed under a CC BY-NC-SA license, which is not acceptable to Fedora.

A replacement soundtrack is available in the maniadrive-music package (and
will
get automatically installed together with maniadrive itself).

--------------------------------------------------------------------------------
Update Information:

This release resolves a critical issue, reported as PHP bug #53632 and
CVE-2010-4645, where conversions from string to double might cause the PHP
interpreter to hang on systems using x87 FPU registers. 
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 11 2011 Hans de Goede <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.2-5
- Fix story mode not working with php >= 5.3.5 (rhbz#668657)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #667806 - CVE-2010-4645 php: hang on numeric value
2.2250738585072011e-308 with x87 fpu
        https://bugzilla.redhat.com/show_bug.cgi?id=667806
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update maniadrive-data' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Idi na vrh