Sicherheit: Ausführen beliebiger Kommandos in Tomboy - Pro-Linux

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2011-7994
2011-06-07 03:41:27
-------------------------------------------------------------------------------
-

Name        : tomboy
Product     : Fedora 14
Version     : 1.6.0
Release     : 1.fc14
URL         : http://projects.gnome.org/tomboy/
Summary     : Note-taking application
Description :
Tomboy is a desktop note-taking application which is simple and easy to use.
It lets you organise your notes intelligently by allowing you to easily link
ideas together with Wiki style interconnects.

-------------------------------------------------------------------------------
-
Update Information:

Version 1.6.0:

 * Grammar and language fixes (bgo#642156)
 * Changed GetSelectedNotebook from private to public so it can be used by
 add-ins (Robert Nordan)
 * Fix tomboy insecure LD_LIBRARY_PATH (bgo#635614, Luis Medinas)
 * Fix CVE-2010-4005 (Luis Medinas). Originally found by Ludwig Nussel
 <lnussel@novell.com>
 * Fix Remove title format from add-ins descriptions (bgo#636606, Paul Cutler)
 * Fix Replace Computer Name with Login Name in SSH sync setup (bgo#633605,
 Paul Cutler)
 * Translation Updates: es, br, io, bg, cn, cz, dut, fr, gl, de, el, gu, he,
 hu, in, ja, ko, lv, no, pl, pt, ru, sk, sl, sv, th, ug, and zh.
 * Added new translation Luganda (ug).

Packaging changes:

 * The .desktop file is included.
 * For F14, the panel applet is enabled.
-------------------------------------------------------------------------------
-
ChangeLog:

* Thu Jun  2 2011 Thomas Moschny <thomas.moschny@gmx.de> - 1.6.0-1
- Update to 1.6.0, also fixes CVE-2010-4005.
- Simply create the missing dir instead of patching Makefile.am.
- Include the .desktop file (bz 672406).
- Use pkgconfig(...)-style BRs.
- Add missing BR on GConf2.
- Re-enable the panel applet for F14 (bz 637416).
- Minor cosmetics.
* Mon Oct 25 2010 Ray Strode <rstrode@redhat.com> 1.4.2-1
- Update to 1.4.2
  Related: #646666
* Thu Sep 30 2010 Matthias Clasen <mclasen@redhat.com> - 1.4.0-1
- Update to 1.4.0
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #644606 - CVE-2010-4005 tomboy: insecure library loading
 vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=644606
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program.  Use 
su -c 'yum update tomboy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce