Name : catfish Product : Fedora 19 Version : 0.4.0.2 Release : 4.fc19 URL : https://launchpad.net/catfish-search Summary : A handy file search tool Description : A handy file search tool using different backends which is configurable via the command line.
This program acts as a frontend for different file search engines. The interface is intentionally lightweight and simple. But it takes configuration options from the command line.
In the previous rpm, catfish used a wrapper launching script using some bad logic for searching paths, which might lead to arbitrary code execution exploit by malicious local user. This vulnerability is now assigned as CVE-2014-2093 through CVE-2014-2096.
This new rpm should fix this issue. ------------------------------------------------------------------------------- - ChangeLog:
* Sun Mar 2 2014 Mamoru TASAKA <mtasaka@fedoraproject.org> - 0.4.0.2-4 - Fix insecure loading of script at startup (CVE-2014-2093 through CVE-2014-2096, bug 1069398) * Mon Jul 1 2013 Mamoru TASAKA <mtasaka@fedoraproject.org> - 0.4.0.2-3 - Fix GError module error on launch (bug 964356) - Fix infinite loop when searching words with asterisk (bug 964356) ------------------------------------------------------------------------------- - References:
This update can be installed with the "yum" update program. Use su -c 'yum update catfish' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.