Sicherheit: Unsichere Verwendung temporärer Dateien in gnash - Pro-Linux

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2011-3662
2011-03-19 09:58:22
-------------------------------------------------------------------------------
-

Name        : gnash
Product     : Fedora 13
Version     : 0.8.9
Release     : 1.fc13
URL         : http://www.gnu.org/software/gnash/
Summary     : GNU flash movie player
Description :
Gnash is capable of reading up to SWF v9 files and op-codes, but primarily
supports SWF v7, with better SWF v8 and v9 support under heavy development.
Gnash includes initial parser support for SWF v8 and v9. Not all
ActionScript 2 classes are implemented yet, but all of the most heavily
used ones are. Many ActionScript 2 classes are partially implemented;
there is support for all of the commonly used methods of each
class.

-------------------------------------------------------------------------------
-
Update Information:

-------------------------------------------------------------------------------
-
ChangeLog:

* Fri Mar 18 2011 Hicham HAOUARI <hicham.haouari@gmail.com> - 1:0.8.9-1
- Update to 0.8.9 final
* Sat Mar 12 2011 Hicham HAOUARI <hicham.haouari@gmail.com> -
 1:0.8.9-0.1.20110312git
- Switch to 0.8.9 branch
- Spec cleanup
- Add extensions
- Enable testsuite
* Tue Feb  8 2011 Fedora Release Engineering
 <rel-eng@lists.fedoraproject.org> - 1:0.8.8-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Oct  6 2010 Kevin Kofler <Kevin@tigcc.ticalc.org> - 1:0.8.8-4
- backport 2 upstream commits to make it work with libcurl >= 7.21.x
 (#639737)
* Sat Oct  2 2010 Kevin Kofler <Kevin@tigcc.ticalc.org> - 1:0.8.8-3
- fix FTBFS (#631181) (fix by Hicham Haouari)
* Fri Aug 27 2010 Kevin Kofler <Kevin@tigcc.ticalc.org> - 1:0.8.8-2
- fix the check for the docbook2X tools being in Perl
* Wed Aug 25 2010 Kevin Kofler <Kevin@tigcc.ticalc.org> - 1:0.8.8-1.1
- rebuild for the official release of Boost 1.44.0 (silent ABI change)
* Mon Aug 23 2010 Kevin Kofler <Kevin@tigcc.ticalc.org> - 1:0.8.8-1
- update to 0.8.8 (#626352, #574100, #606170)
- update file list (patch by Jeff Smith)
* Thu Jul 29 2010 Bill Nottingham <notting@redhat.com> - 1:0.8.7-5
- Rebuilt for boost-1.44, again
* Tue Jul 27 2010 Bill Nottingham <notting@redhat.com> - 1:0.8.7-4
- Rebuilt for boost-1.44
* Wed Jul 21 2010 David Malcolm <dmalcolm@redhat.com> - 1:0.8.7-3
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
* Tue Jun  8 2010 Kevin Kofler <Kevin@tigcc.ticalc.org> - 1:0.8.7-2
- -plugin: avoid file (directory) dependency (#601942)
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #669851 - CVE-2010-4337 gnash: symlink attack via configure script
        https://bugzilla.redhat.com/show_bug.cgi?id=669851
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program.  Use 
su -c 'yum update gnash' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce