-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-13196 2009-12-16 00:19:07 --------------------------------------------------------------------------------
Name : merkaartor Product : Fedora 12 Version : 0.14 Release : 2.fc12 URL : http://www.merkaartor.org Summary : Qt-Based OpenStreetMap editor Description : Merkaartor is a small editor for OpenStreetMap available under the GNU General Public License and developed using the Qt toolkit. It has some unique features like anti-aliased displaying, transparent display of map features like roads and curved roads. -------------------------------------------------------------------------------- Update Information: This update fixes a possible symlink attack on the debug log merkaartor.log by no longer writing it out by default. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 10 2009 Sven Lankes <s...@lank.es> - 0.14-2 - Write log to /dev/null unless specified (bz# 544284) -------------------------------------------------------------------------------- References: [ 1 ] Bug #544284 - CVE-2009-4193 Merkaartor: System files integrity break-out via symlink attack on log file https://bugzilla.redhat.com/show_bug.cgi?id=544284 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update merkaartor' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce