[SECURITY] Fedora 11 Update: esorex-3.7.2-3.fc11
updates at fedoraproject.org
updates at fedoraproject.org
Sat Mar 20 03:51:23 UTC 2010
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-3314
2010-03-02 00:32:09
--------------------------------------------------------------------------------
Name : esorex
Product : Fedora 11
Version : 3.7.2
Release : 3.fc11
URL : http://www.eso.org/observing/cpl/esorex.html
Summary : Recipe Execution Tool of the European Southern Observatory
Description :
EsoRex is the ESO Recipe Execution Tool. It can list, configure and
execute CPL-based recipes from the command line.
One of the features provided by the CPL is the ability to create
data-reduction algorithms that run as plugins (dynamic libraries). These
are called recipes and are one of the main aspects of the
CPL data-reduction development environment.
--------------------------------------------------------------------------------
Update Information:
This update patches the bundled copy of libltdl library which was vulnerable to
CVE-2009-3736.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 17 2010 Sergio Pascual <sergiopr at fedoraproject.org> 3.7.2-3
- Patch to ltdl, fixes security problem CVE-2009-3736, bz #563969
* Mon Nov 16 2009 Sergio Pascual <sergiopr at fedoraproject.org> 3.7.2-2
- EVR bump to allow rebuilding
* Thu Nov 5 2009 Sergio Pascual <sergiopr at fedoraproject.org> 3.7.2-1
- New upstream source
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.6.12-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Fri May 8 2009 Sergio Pascual <sergiopr at fedoraproject.org> 3.6.12-3
- Reverting plugin directory patch. Not working in x86_64
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #537941 - CVE-2009-3736 libtool: libltdl may load and execute code from a library in the current directory
https://bugzilla.redhat.com/show_bug.cgi?id=537941
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update esorex' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list