[SECURITY] Fedora 12 Update: gnucash-2.2.9-5.fc12

updates at fedoraproject.org updates at fedoraproject.org
Sat Oct 30 23:44:07 UTC 2010 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-16622
2010-10-22 17:32:24
--------------------------------------------------------------------------------

Name        : gnucash
Product     : Fedora 12
Version     : 2.2.9
Release     : 5.fc12
URL         : http://gnucash.org/
Summary     : Finance management application
Description :
GnuCash is a personal finance manager. A check-book like register GUI
allows you to enter and track bank accounts, stocks, income and even
currency trades. The interface is designed to be simple and easy to
use, but is backed with double-entry accounting principles to ensure
balanced books.

--------------------------------------------------------------------------------
Update Information:

This update removes an unneeded file that could cause a security issue if ran from a directory that other users had write access to.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 21 2010 Bill Nottingham <notting at redhat.com>
- don't ship gnc-test-env (#644933, CVE-2010-3999)
* Mon Jan 18 2010 Bill Nottingham <notting at redhat.com>
- Fix crash on exporting account tree (#544454, #550362, #546597)
* Thu Dec 10 2009 Bill Nottingham <notting at redhat.com>
- Fix accelerators (#533019, #541915)
* Wed Aug 12 2009 Ville Skyttä <ville.skytta at iki.fi> - 2.2.9-3
- Use lzma compressed upstream tarball.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #644933 - CVE-2010-3999 gnucash: insecure library loading vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=644933
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update gnucash' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list