[SECURITY] Fedora 12 Update: esorex-3.7.2-5.fc12

updates at fedoraproject.org updates at fedoraproject.org
Sat Mar 20 03:29:17 UTC 2010


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-3216
2010-03-02 00:29:48
--------------------------------------------------------------------------------

Name        : esorex
Product     : Fedora 12
Version     : 3.7.2
Release     : 5.fc12
URL         : http://www.eso.org/observing/cpl/esorex.html
Summary     : Recipe Execution Tool of the European Southern Observatory
Description :
EsoRex is the ESO Recipe Execution Tool. It can list, configure and
execute CPL-based recipes from the command line.
One of the features provided by the CPL is the ability to create
data-reduction algorithms that run as plugins (dynamic libraries). These
are called recipes and are one of the main aspects of the
CPL data-reduction development environment.

--------------------------------------------------------------------------------
Update Information:

This update patches the bundled copy of libltdl library which was vulnerable to
CVE-2009-3736.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 17 2010 Sergio Pascual <sergiopr at fedoraproject.org> 3.7.2-5
- Patch to ltdl, fixes security problem CVE-2009-3736, bz #563969
* Wed Nov  4 2009 Sergio Pascual <sergiopr at fedoraproject.org> 3.7.2-4
- Updated build requires
* Tue Nov  3 2009 Sergio Pascual <sergiopr at fedoraproject.org> 3.7.2-3
- Rebuilt for new cpl
* Wed Oct 28 2009 Sergio Pascual <sergiopr at fedoraproject.org> 3.7.2-2
- Fixed configure patch
* Wed Oct 28 2009 Sergio Pascual <sergiopr at fedoraproject.org> 3.7.2-1
- New upstream source
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #537941 - CVE-2009-3736 libtool: libltdl may load and execute code from a library in the current directory
        https://bugzilla.redhat.com/show_bug.cgi?id=537941
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update esorex' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list