Detalji

U radu programskog paketa gnome-web-photo uočene su višestruke sigurnosne ranjivosti. Riječ je o inačici za operacijski sustav Fedora 14, a koristi se za generiranje slikovnih datoteka i minijatura iz HTML datoteka i web stranica. Nepravilnosti u radu uključuju pojavu prepisivanja spremnika u komponentama "JavaScript atom map" i "JavaScript upvarMap", te nepravilno korištenje memorije (pogreške prilikom oslobađanja memorije i korištenje već oslobođenih memorijskih lokacija). Zloupotrebom sigurnosnih propusta napadač osigurava okolinu za izvođenje DoS i XSS napada. Dostupne su ispravke. 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-2444
2011-03-02 01:27:20
--------------------------------------------------------------------------------

Name        : gnome-web-photo
Product     : Fedora 14
Version     : 0.9
Release     : 17.fc14.1
URL         : http://download.gnome.org/sources/gnome-web-photo/0.9/
Summary     : HTML pages thumbnailer
Description :
gnome-web-photo contains a thumbnailer that will be used by GNOME applications,
including the file manager, to generate screenshots of web pages.

--------------------------------------------------------------------------------
Update Information:

Update to new upstream Firefox version 3.6.14, fixing multiple security issues detailed in the upstream advisories:

http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.14

Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar  1 2011 Jan Horak <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.9-17.1
- Rebuild against newer gecko
* Thu Dec  9 2010 Jan Horak <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.9-16.1
- Rebuild against newer gecko
* Thu Oct 28 2010 Jan Horak <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.9-15.1
- Rebuild against newer gecko
* Tue Oct 19 2010 Jan Horak <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.9-14.1
- Rebuild against newer gecko
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update gnome-web-photo' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Idi na vrh