[SECURITY] Fedora 20 Update: iodine-0.7.0-1.fc20

updates at fedoraproject.org updates at fedoraproject.org
Sat Aug 16 22:31:53 UTC 2014 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-9265
2014-08-08 07:46:33
--------------------------------------------------------------------------------

Name        : iodine
Product     : Fedora 20
Version     : 0.7.0
Release     : 1.fc20
URL         : http://code.kryo.se/iodine/
Summary     : Solution to tunnel IPv4 data through a DNS server
Description :
iodine lets you tunnel IPv4 data through a DNS server. This can be usable in
different situations where internet access is firewalled, but DNS queries are
allowed.

It runs on Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD and Windows and needs a
TUN/TAP device. The bandwidth is asymmetrical with limited upstream and up to
1 Mbit/s downstream.

This is meta-package to install both client and server.
It also contain three documantation files: CHANGELOG, README, TODO.

--------------------------------------------------------------------------------
Update Information:

Update to 0.7.0 to fix CVE-2014-4168 iodine: authentication bypass vulnerability (bz#1110339, bz#1110338 [bz#1110340, bz#1110341, bz#1110342]).
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 22 2014 Pavel Alexeev <Pahan at Hubbitus.info> - 0.7.0-1
- Update to 0.7.0 to fix CVE-2014-4168 iodine: authentication bypass vulnerability (bz#1110339, bz#1110338 [bz#1110340, bz#1110341, bz#1110342]).
- Drop old Patch0: iodine-0.5.2-prefix.patch
- Rebase iodine-0.6.0-rc1.split-man.patch -> iodine-0.7.0.split-man.patch
- Some spec cleanup.
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.6.0-0.rc1.12.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue Jan  7 2014 Pavel Alexeev <Pahan at Hubbitus.info> - 0.6.0-0.rc1.12
- Step to systemd macroses (#850160)
* Tue Jan  7 2014 Pavel Alexeev <Pahan at Hubbitus.info> - 0.6.0-0.rc1.11
- Add Provides: bundled(md5-deutsch) to client and server sub-packages (#1046028)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1110338 - CVE-2014-4168 iodine: authentication bypass vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=1110338
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update iodine' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list