Detalji

U radu programskog paketa Abcm2ps, za operacijski sustav Fedora 13, otkriveni su sigurnosni propusti. Abcm2ps je paket koji se koristi za pretvorbu datoteka iz ABC formata u Postscript. Propusti su posljedica prepisivanja spremnika na gomili u funkciji "getarena()" te višestrukih nespecificiranih ranjivosti. Napadaču omogućuju pokretanje proizvoljnog programskog koda putem posebno oblikovane ABC datoteke. Svim se korisnicima, u svrhu zaštite od potencijalnih napada, savjetuje instalacija novih programskih rješenja.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-1851
2011-02-20 06:14:52
--------------------------------------------------------------------------------

Name        : abcm2ps
Product     : Fedora 13
Version     : 5.9.21
Release     : 1.fc13
URL         : http://moinejf.free.fr
Summary     : A program to typeset ABC tunes into Postscript
Description :
Abcm2ps is a package which converts music tunes from ABC format to
Postscript. Based on abc2ps version 1.2.5, it was developed mainly to
print Baroque organ scores which have independent voices played on one
or many keyboards and a pedal-board. Abcm2ps introduces many
extensions to the ABC language that make it suitable for classical
music.

--------------------------------------------------------------------------------
Update Information:

New release 5.9.21 with fixes for several security vulnerabilities.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb  5 2011 GÊrard Milmeister <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 5.9.21-1
- new release 5.9.21
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #600729 - CVE-2010-4743 CVE-2010-4744 Abcm2ps v5.9.13: Multiple
security vulnerabilities
        https://bugzilla.redhat.com/show_bug.cgi?id=600729
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update abcm2ps' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Idi na vrh