[SECURITY] Fedora 7 Update: tk-8.4.13-7.fc7
updates at fedoraproject.org
updates at fedoraproject.org
Thu Feb 7 20:55:44 UTC 2008
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-1131
2008-02-05 23:10:30
--------------------------------------------------------------------------------
Name : tk
Product : Fedora 7
Version : 8.4.13
Release : 7.fc7
URL : http://tcl.sourceforge.net
Summary : The graphical toolkit for the Tcl scripting language
Description :
When paired with the Tcl scripting language, Tk provides a fast and powerful
way to create cross-platform GUI applications.
--------------------------------------------------------------------------------
Update Information:
Fixed security issue - buffer overflow in gif parsing.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 28 2008 Marcela Maslanova <mmaslano at redhat.com> - 1:8.4.13-7
- attached upstream patch
- similar to CVE-2006-4484, problem with GIF again #430100
* Mon Oct 15 2007 Marcela Maslanova <mmaslano at redhat.com> - 1:8.4.13-6
- CVE-2007-5137 gif buffer overflow
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #431518 - CVE-2008-0553 tk: GIF handling buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=431518
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update tk' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list