-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-1776 2009-02-17 14:51:10 --------------------------------------------------------------------------------
Name : jhead Product : Fedora 9 Version : 2.86 Release : 1.fc9 URL : http://www.sentex.net/~mwandel/jhead/ Summary : Tool for displaying EXIF data embedded in JPEG images Description : Jhead displays and manipulates the non-image portions of EXIF formatted JPEG images, such as the images produced by most digital cameras. -------------------------------------------------------------------------------- Update Information: * fixes "CVE-2008-4640 jhead: arbitrary file deletion" (#468056) * fixes "CVE-2008-4641 jhead: command exection caused by incorrect handling of the shell escapes" (#468057) -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 16 2009 Adrian Reber <[email protected]> - 2.86-1 - updated to 2.86 - fixes "CVE-2008-4640 jhead: arbitrary file deletion" (#468056) - fixes "CVE-2008-4641 jhead: command exection caused by incorrect handling of the shell escapes" (#468057) - fixes "build ignores optflags" (#485697) * Thu Oct 16 2008 Adrian Reber <[email protected]> - 2.84-1 - updated to 2.84 - fixes "CVE-2008-4575 jhead buffer overflow" (#467262) - removed upstreamed makefile patch * Wed Sep 24 2008 Adrian Reber <[email protected]> - 2.82-2 - rebased makefile patch -------------------------------------------------------------------------------- References: [ 1 ] Bug #468056 - CVE-2008-4640 jhead: arbitrary file deletion https://bugzilla.redhat.com/show_bug.cgi?id=468056 [ 2 ] Bug #468057 - CVE-2008-4641 jhead: command exection caused by incorrect handling of the shell escapes https://bugzilla.redhat.com/show_bug.cgi?id=468057 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update jhead' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list [email protected] http://www.redhat.com/mailman/listinfo/fedora-package-announce
