——————————————————————————–
Fedora Update Notification
FEDORA-2014-7939
2014-06-30 22:20:23
——————————————————————————–

Name : lzo
Product : Fedora 19
Version : 2.08
Release : 1.fc19
URL : http://www.oberhumer.com/opensource/lzo/
Summary : Data compression library with very fast (de)compression
Description :
LZO is a portable lossless data compression library written in ANSI C.
It offers pretty fast compression and very fast decompression.
Decompression requires no memory. In addition there are slower
compression levels achieving a quite competitive compression ratio
while still decompressing at this very high speed.

——————————————————————————–
Update Information:

New upstream
——————————————————————————–
ChangeLog:

* Mon Jun 30 2014 Huzaifa Sidhpurwala <huzaifas@redhat.com> – 2.08-1
– New upstream
– Fix CVE-2014-4607
——————————————————————————–
References:

[ 1 ] Bug #1114304 – lzo-2.08 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1114304
[ 2 ] Bug #1114230 – update lzo to 2.07
https://bugzilla.redhat.com/show_bug.cgi?id=1114230
[ 3 ] Bug #1113874 – CVE-2014-4607 LZO: lzo1x_decompress_safe() integer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1113874
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update lzo’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce