Lesezeichen hinzufügen
Originalnachricht
Name : krfbProduct : Fedora 20Version : 4.13.3Release : 4.fc20URL : https://projects.kde.org/projects/kde/kdenetwork/krfbSummary : Desktop sharingDescription :Runtime libraries for krfb.--------------------------------------------------------------------------------Update Information:Avoid possible denial of service or code execution via integer overflow by using (patched) system minilzo (instead of vulnerable bundled copy). See also: http://www.kde.org/info/security/advisory-20140803-1.txt--------------------------------------------------------------------------------ChangeLog:* Mon Aug 4 2014 Rex Dieter <rdieter@fedoraproject.org> 4.13.3-4- fix system_libvncserver (f21+), else use system minilzo* Mon Aug 4 2014 Rex Dieter <rdieter@fedoraproject.org> 4.13.3-3- system libvncserver on f21+ only, update bundled lzo* Sun Aug 3 2014 Rex Dieter <rdieter@fedoraproject.org> 4.13.3-2- krfb: unbundle libvncserver (CVE-2014-4607, #655844)* Tue Jul 15 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.13.3-1- 4.13.3* Mon Jun 9 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.13.2-1- 4.13.2* Sun Jun 8 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.13.1-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild* Sun May 11 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.13.1-1- 4.13.1* Sat Apr 12 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.13.0-1- 4.13.0* Fri Apr 4 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.12.97-1- 4.12.97* Sun Mar 23 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.12.95-1- 4.12.95* Wed Mar 19 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.12.90-1- 4.12.90* Sun Mar 2 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.12.3-1- 4.12.3* Fri Jan 31 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.12.2-1- 4.12.2* Fri Jan 10 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.12.1-1- 4.12.1* Thu Dec 19 2013 Rex Dieter <rdieter@fedoraproject.org> - 4.12.0-1- 4.12.0* Sun Dec 1 2013 Rex Dieter <rdieter@fedoraproject.org> - 4.11.97-1- 4.11.97* Thu Nov 21 2013 Rex Dieter <rdieter@fedoraproject.org> - 4.11.95-1- 4.11.95* Sat Nov 16 2013 Rex Dieter <rdieter@fedoraproject.org> - 4.11.90-1- 4.11.90--------------------------------------------------------------------------------References: [ 1 ] Bug #1112418 - CVE-2014-4607 lzo: lzo1x_decompress_safe() integer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1112418--------------------------------------------------------------------------------This update can be installed with the "yum" update program. Usesu -c 'yum update krfb' at the command line.For more information, refer to "Managing Software with yum",available at http://docs.fedoraproject.org/yum/.All packages are signed with the Fedora Project GPG key. More details on theGPG keys used by the Fedora Project can be found athttps://fedoraproject.org/keys--------------------------------------------------------------------------------_______________________________________________package-announce mailing listpackage-announce@lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/package-announce