[SECURITY] Fedora 13 Update: udunits2-2.1.19-1.fc13
updates at fedoraproject.org
updates at fedoraproject.org
Wed Nov 24 22:43:59 UTC 2010
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-17807
2010-11-16 22:09:15
--------------------------------------------------------------------------------
Name : udunits2
Product : Fedora 13
Version : 2.1.19
Release : 1.fc13
URL : http://www.unidata.ucar.edu/software/udunits/
Summary : A library for manipulating units of physical quantities
Description :
The Unidata units utility, udunits2, supports conversion of unit specifications
between formatted and binary forms, arithmetic manipulation of unit
specifications, and conversion of values between compatible scales of
measurement. A unit is the amount by which a physical quantity is measured. For
example:
Physical Quantity Possible Unit
_________________ _____________
time weeks
distance centimeters
power watts
This utility works interactively and has two modes. In one mode, both an input
and output unit specification are given, causing the utility to print the
conversion between them. In the other mode, only an input unit specification is
given. This causes the utility to print the definition -- in standard units --
of the input unit.
--------------------------------------------------------------------------------
Update Information:
Update to 2.1.19, don't use bundled expat (old and vulnerable), use system copy instead.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #652979 - udunits2 contains an embedded copy of expat, prone to CVE-2009-3720
https://bugzilla.redhat.com/show_bug.cgi?id=652979
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update udunits2' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list