Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Überschreiben von Dateien in diffoscope
Aktuelle Meldungen Distributionen
Name: Überschreiben von Dateien in diffoscope
ID: FEDORA-2017-101722eb25
Distribution: Fedora
Plattformen: Fedora 25
Datum: Mi, 22. Februar 2017, 23:02
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0359

Originalnachricht

Name        : diffoscope
Product : Fedora 25
Version : 77
Release : 1.fc25
URL : https://diffoscope.org/
Summary : In-depth comparison of files, archives, and directories
Description :
diffoscope will try to get to the bottom of what makes files or directories
different. It will recursively unpack archives of many kinds and transform
various binary formats into more human readable form to compare them. It can
compare two tarballs, ISO images, or PDF just as easily. The differences can
be shown in a text or HTML report.

diffoscope is developed as part of the "reproducible builds" Debian
project and
was formerly known as "debbindiff".

-------------------------------------------------------------------------------
-
Update Information:

Update to the latest version, fixes a security issue.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1421774 - CVE-2017-0359 diffoscope: writes to arbitrary locations
on disk based on the contents of an untrusted archive [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1421774
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade diffoscope' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung