Kod programskog paketa pyfribidi, distribuiranog s operacijskim sustavom Fedora 14, otkriven je novi sigurnosni propust. Riječ je o Phyton dodatku za FriBidi, a služi za implementaciju Unicode Bidirectional algoritma. Pogreška se javlja zbog pojave prepisivanja međuspremnika u funkciji "log2vis_utf8()", a nastaje kod obrade UTF-8 niza znakova koje vraća funkcija "fribidi_unicode_to_utf8()". Posljedica spomenutog problema je mogućnost pokretanja DoS napada. Korisnicima se savjetuje primjena odgovarajuće nadogradnje.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-0001
2011-01-01 20:04:55
--------------------------------------------------------------------------------
Name : pyfribidi
Product : Fedora 14
Version : 0.10.0
Release : 1.fc14
URL : http://pyfribidi.sourceforge.net/
Summary : A Python binding for GNU FriBidi
Description :
PyFriBidi is a simple Python binding for FriBidi, providing an
implementation of The Unicode Bidirectional Algorithm in Python.
--------------------------------------------------------------------------------
Update Information:
- Update to 0.10.0
- Fix CVE-2010-3444: buffer overflow when processing Arabic UTF-8 strings
- Run the included tests
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 31 2010 Hans de Goede <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.10.0-1
- Update to 0.10.0 (rhbz#539493)
- Fix CVE-2010-3444: buffer overflow when processing Arabic UTF-8
strings (rhbz#565997, rhbz#565998)
- Run the included tests
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #565997 - CVE-2010-3444 pyfribidi: buffer overflow when processing
Arabic UTF-8 strings
https://bugzilla.redhat.com/show_bug.cgi?id=565997
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update pyfribidi' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-0010
2011-01-01 20:05:15
--------------------------------------------------------------------------------
Name : pyfribidi
Product : Fedora 13
Version : 0.10.0
Release : 1.fc13
URL : http://pyfribidi.sourceforge.net/
Summary : A Python binding for GNU FriBidi
Description :
PyFriBidi is a simple Python binding for FriBidi, providing an
implementation of The Unicode Bidirectional Algorithm in Python.
--------------------------------------------------------------------------------
Update Information:
- Update to 0.10.0
- Fix CVE-2010-3444: buffer overflow when processing Arabic UTF-8 strings
- Run the included tests
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 31 2010 Hans de Goede <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.10.0-1
- Update to 0.10.0 (rhbz#539493)
- Fix CVE-2010-3444: buffer overflow when processing Arabic UTF-8
strings (rhbz#565997, rhbz#565998)
- Run the included tests
* Wed Jul 21 2010 David Malcolm <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.6.0-9
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #539493 - request for update to pyfribidi2 (spec included)
https://bugzilla.redhat.com/show_bug.cgi?id=539493
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update pyfribidi' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Posljednje sigurnosne preporuke