Sicherheit: Ausführen beliebiger Kommandos in vdr-scraper2vdr
|Name:
|Ausführen beliebiger Kommandos in vdr-scraper2vdr
|ID:
|FEDORA-2017-3a568adb31
|Distribution:
|Fedora
|Plattformen:
|Fedora 25
|Datum:
|Mi, 20. September 2017, 12:39
|Referenzen:
|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14482
Originalnachricht
-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2017-3a568adb31
2017-09-19 14:22:11.619064
-------------------------------------------------------------------------------
-
Name : vdr-scraper2vdr
Product : Fedora 25
Version : 1.0.5
Release : 4.20170611git254122b.fc25
URL : https://github.com/horchi/scraper2vdr
Summary : A client plugin which provides scraped metadata from EPGD to
other plugins
Description :
Scraper2vdr acts as client and provides scraped metadata for tvshows and
movies from epgd to other plugins via its service interface. The plugin
cares about caching the images locally and also cleans up the images if
not longer needed.
epgd itself uses the thetvdb.com API for collecting series metadata and
themoviedb.org API for movies. Check the websites of both services for
the terms of use.
-------------------------------------------------------------------------------
-
Update Information:
Many security fixes, bug fixes, and other changes from the previous version
6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi
ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent
packages
are mostly straight rebuilds, a couple also include bugfix version updates.
---- rhbz#1490649 - emacs-25.3 is available rhbz#1490410 - unsafe enriched
mode translations (security)
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #1490409 - CVE-2017-14482 emacs: Unsafe enriched mode translations
https://bugzilla.redhat.com/show_bug.cgi?id=1490409
-------------------------------------------------------------------------------
-
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade vdr-scraper2vdr' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
