- Detalji os-a: FED
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LFE
——————————————————————————–
Fedora Update Notification
FEDORA-2014-4135
2014-03-21 07:17:39
——————————————————————————–
Name : k4dirstat
Product : Fedora 20
Version : 2.7.0
Release : 0.14.20101010git6c0a9e6.fc20
URL : http://grumpypenguin.org/
Summary : Graphical Directory Statistics for Used Disk Space
Description :
KDirStat (KDE Directory Statistics) is a utility program that sums up
disk usage for directory trees – very much like the Unix ‘du’ command.
It can also help you clean up used space.
K4DirStat is the port to KDE4.
——————————————————————————–
Update Information:
Fix CVE-2014-2527
——————————————————————————–
ChangeLog:
* Thu Mar 20 2014 Dmitrij S. Kryzhevich <krege@land.ru> – 2.7.0-0.14.20101010git6c0a9e6
– kdebase-devel turn into kde-baseapps-devel (BR).
* Thu Mar 20 2014 Dmitrij S. Kryzhevich <krege@land.ru> – 2.7.0-0.13.20101010git6c0a9e6
– Add (now) mandatory cmake BuildRequires.
* Wed Mar 19 2014 Dmitrij S. Kryzhevich <krege@land.ru> – 2.7.0-0.12.20101010git6c0a9e6
– Fix bogus date (Tue Dec 16 2010 -> Thu Dec 16 2010).
* Wed Mar 19 2014 Dmitrij S. Kryzhevich <krege@land.ru> – 2.7.0-0.11.20101010git6c0a9e6
– Fix CVE-2014-2527.
– Delete defatr entry in files section.
——————————————————————————–
References:
[ 1 ] Bug #1077059 – CVE-2014-2527 CVE-2014-2528 kdirstat: insufficient quote escaping leading to arbitrary command execution
https://bugzilla.redhat.com/show_bug.cgi?id=1077059
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update k4dirstat’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
——————————————————————————–
Fedora Update Notification
FEDORA-2014-4121
2014-03-21 07:17:01
——————————————————————————–
Name : k4dirstat
Product : Fedora 19
Version : 2.7.0
Release : 0.14.20101010git6c0a9e6.fc19
URL : http://grumpypenguin.org/
Summary : Graphical Directory Statistics for Used Disk Space
Description :
KDirStat (KDE Directory Statistics) is a utility program that sums up
disk usage for directory trees – very much like the Unix ‘du’ command.
It can also help you clean up used space.
K4DirStat is the port to KDE4.
——————————————————————————–
Update Information:
Fix CVE-2014-2527
——————————————————————————–
ChangeLog:
* Thu Mar 20 2014 Dmitrij S. Kryzhevich <krege@land.ru> – 2.7.0-0.14.20101010git6c0a9e6
– kdebase-devel turn into kde-baseapps-devel (BR).
* Thu Mar 20 2014 Dmitrij S. Kryzhevich <krege@land.ru> – 2.7.0-0.13.20101010git6c0a9e6
– Add (now) mandatory cmake BuildRequires.
* Wed Mar 19 2014 Dmitrij S. Kryzhevich <krege@land.ru> – 2.7.0-0.12.20101010git6c0a9e6
– Fix bogus date (Tue Dec 16 2010 -> Thu Dec 16 2010).
* Wed Mar 19 2014 Dmitrij S. Kryzhevich <krege@land.ru> – 2.7.0-0.11.20101010git6c0a9e6
– Fix CVE-2014-2527.
– Delete defatr entry in files section.
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 2.7.0-0.10.20101010git6c0a9e6
– Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
——————————————————————————–
References:
[ 1 ] Bug #1077059 – CVE-2014-2527 CVE-2014-2528 kdirstat: insufficient quote escaping leading to arbitrary command execution
https://bugzilla.redhat.com/show_bug.cgi?id=1077059
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update k4dirstat’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
| Autor | Tomislav Protega |
| Cert id | NCERT-REF-2014-03-0003-ADV |
| Cve | CVE-2014-2527 CVE-2014-2528 |
| ID izvornika | FEDORA-2014-4135 FEDORA-2014-4121 |
| Proizvod | k4dirstat |
| Izvor | http://www.redhat.com |
