[SECURITY] Fedora 13 Update: esorex-3.7.2-6.fc13

updates at fedoraproject.org updates at fedoraproject.org
Wed Mar 10 06:54:45 UTC 2010


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-4098
2010-03-10 05:19:36
--------------------------------------------------------------------------------

Name        : esorex
Product     : Fedora 13
Version     : 3.7.2
Release     : 6.fc13
URL         : http://www.eso.org/observing/cpl/esorex.html
Summary     : Recipe Execution Tool of the European Southern Observatory
Description :
EsoRex is the ESO Recipe Execution Tool. It can list, configure and
execute CPL-based recipes from the command line.
One of the features provided by the CPL is the ability to create
data-reduction algorithms that run as plugins (dynamic libraries). These
are called recipes and are one of the main aspects of the
CPL data-reduction development environment.

--------------------------------------------------------------------------------
Update Information:

This update patches the bundled copy of libltdl library which was vulnerable to
CVE-2009-3736.    This update allows esorex to be built with the new
ImplicitDSOLinking behaviour of F-13
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #537941 - CVE-2009-3736 libtool: libltdl may load and execute code from a library in the current directory
        https://bugzilla.redhat.com/show_bug.cgi?id=537941
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update esorex' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list