-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-17126 2010-11-02 21:39:41 --------------------------------------------------------------------------------
Name : libsmi Product : Fedora 12 Version : 0.4.8 Release : 5.fc12 URL : http://www.ibr.cs.tu-bs.de/projects/libsmi/index.html Summary : A library to access SMI MIB information Description : Libsmi is a C library to access MIB module information through a well defined API that hides the nasty details of locating and parsing SMIv1/v2 MIB modules. This package contains tools to check, dump, and convert MIB definitions and a steadily maintained and revised archive of all IETF and IANA maintained standard MIB modules. -------------------------------------------------------------------------------- Update Information: Resolve CVE-2010-2891 - LibSMI smiGetNode Buffer Overflow When Long OID Is Given In Numerical Form -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 1 2010 Tom "spot" Callaway <[email protected]> - 0.4.8-5 - fix CVE-2010-2891 * Thu Feb 25 2010 Radek Vokal <[email protected]> - 0.4.8-4 - fix lincese field, based on the tarball project is now GPL+ -------------------------------------------------------------------------------- References: [ 1 ] Bug #647520 - CVE-2010-2891 libsmi: buffer overflow in smiGetNode can lead to arbitrary code execution https://bugzilla.redhat.com/show_bug.cgi?id=647520 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update libsmi' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
