U radu programskog paketa libreport uočen je novi sigurnosni propust. Zloćudni korisnik spomenuti nedostatak može iskoristiti za otkrivanje osjetljivih podataka.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-16990
2011-12-11 21:22:43
--------------------------------------------------------------------------------

Name        : libreport
Product     : Fedora 16
Version     : 2.0.8
Release     : 3.fc16
URL         : https://fedorahosted.org/abrt/
Summary     : Generic library for reporting various problems
Description :
Libraries providing API for reporting different problems in applications
to different bug targets like Bugzilla, ftp, trac, etc...

--------------------------------------------------------------------------------
Update Information:

Here is where you give an explanation of your update.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec  9 2011 Jiri Moskovcak <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 2.0.8-3
- fixed few crashes in bodhi plugin
* Thu Dec  8 2011 Jiri Moskovcak <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 2.0.8-2
- fixed crash in bodhi plugin
- re-upload better backtrace if available
- fixed dupe finding for selinux
- don't duplicate comments in bugzilla
- fixed problem with empty release
* Tue Dec  6 2011 Jiri Moskovcak <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 2.0.8-1
- new version
- added bodhi plugin rhbz#655783
- one tab per file on details page rhbz#751833
- search box search thru all data (should help with privacy) rhbz#748457
- fixed close button position rhbz#741230
- rise the attachment limit to 4kb rhbz#712602
- fixed make check (rpath problem)
- save chnages in editable lines rhbz#710100
- ignore backup files rhbz#707959
- added support for proxies rhbz#533652
- Resolves: 753183 748457 737991 723219 712602 711986 692274 636000 631856
655783 741257 748457 741230 712602 753183 748457 741230 712602 710100 707959
533652
* Sat Nov  5 2011 Jiri Moskovcak <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 2.0.7-2
- bumped release
* Fri Nov  4 2011 Jiri Moskovcak <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 2.0.7-1
- new version
- added support for bodhi (preview)
- dropped unused patches
- reporter-bugzilla/rhts: add code to prevent duplicate reporting. Closes
rhbz#727494 (Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.)
- wizard: search thru all items + tabbed details rhbz#748457
(Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.)
- wizard: add "I don't know what caused this problem" checkbox. Closes
rhbz#712508 (Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.)
- reporter-bugzilla: add optional 'Product' parameter. Closes rhbz#665210
(Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.)
- rhbz#728190 - man pages contain suspicious version string
(Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.)
- reporter-print: expand leading ~/ if present. Closes rhbz#737991
(Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.)
- reporter-rhtsupport: ask rs/problems endpoint before creating new case.
(working on rhbz#677052) (Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.)
- reporter-mailx: use Bugzilla's output format. Closes rhbz#717321.
(Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.)
- report-newt: add option to display version (rhbz#741590) (Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.)
- Resolves: #727494 #748457 #712508 #665210 rhbz#728190 #737991 #677052 #717321
#741590
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #749854 - CVE-2011-4088 abrt: may leak some personal information to
bugzilla with some certain applications
        https://bugzilla.redhat.com/show_bug.cgi?id=749854
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update libreport' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce