[SECURITY] Fedora 20 Update: tntnet-2.2.1-2.fc20

updates at fedoraproject.org updates at fedoraproject.org
Wed Feb 5 03:37:30 UTC 2014


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-1619
2014-01-27 12:02:22
--------------------------------------------------------------------------------

Name        : tntnet
Product     : Fedora 20
Version     : 2.2.1
Release     : 2.fc20
URL         : http://www.tntnet.org/
Summary     : A web application server for web applications
Description :
A web application server for web applications

--------------------------------------------------------------------------------
Update Information:

Own the %{_datadir}/tntnet dir.
this is a security update that fixes the following bug:

https://bugzilla.redhat.com/show_bug.cgi?id=1055374
[Bug 1055374] CVE-2013-7299 tntnet: information leak via crafted HTTP request
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jan 26 2014 Martin Gansser <martinkg at fedoraproject.org> - 2.2.1-2
- Own the %{_datadir}/tntnet dir.
- Run unit tests during build.
* Mon Jan 20 2014 Martin Gansser <martinkg at fedoraproject.org> - 2.2.1-1
- new release
* Sun Sep 22 2013 Michael Schwendt <mschwendt at fedoraproject.org> - 2.2-8
- Add missing dependency on cxxtools-devel in tntnet-devel (#896003).
- Add missing /sbin/ldconfig calls in %post and %postun.
- Using %defattr is not needed anymore.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1055374 - CVE-2013-7299 tntnet: information leak via crafted HTTP request
        https://bugzilla.redhat.com/show_bug.cgi?id=1055374
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update tntnet' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list