[SECURITY] Fedora 14 Update: fabric-0.9.7-1.fc14
updates at fedoraproject.org
updates at fedoraproject.org
Tue Jul 12 05:07:14 UTC 2011
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-8964
2011-07-01 18:26:45
--------------------------------------------------------------------------------
Name : fabric
Product : Fedora 14
Version : 0.9.7
Release : 1.fc14
URL : http://www.fabfile.org
Summary : A simple Pythonic remote deployment tool
Description :
Fabric is a simple Pythonic remote deployment tool which is designed to upload
files to, and run shell commands on, a number of servers in parallel or
serially.
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2011-2185
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 1 2011 Silas Sewell <silas at sewell.ch> - 0.9.7-1
- Update to 0.9.7
- Fix CVE-2011-2185
* Sun Dec 19 2010 Silas Sewell <silas at sewell.ch> - 0.9.3-1
- Update to 0.9.3
- Remove old patch and man page
* Sat Oct 9 2010 Silas Sewell <silas at sewell.ch> - 0.9.2-1
- Update to 0.9.2
- Import man page from upstream branch
- Apply upstream patch to fix incorrect requirements
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #710462 - CVE-2011-2185 fabric: Use of insecure temporary file by uploading templates and projects to remote hosts
https://bugzilla.redhat.com/show_bug.cgi?id=710462
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update fabric' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list