-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-8577 2012-05-29 15:46:37 --------------------------------------------------------------------------------
Name : groff Product : Fedora 17 Version : 1.21 Release : 9.fc17 URL : http://groff.ffii.org Summary : A document formatting system Description : Groff is a document formatting system. Groff takes standard text and formatting commands as input and produces formatted output. The created documents can be shown on a display or printed on a printer. Groff's formatting commands allow you to specify font type and size, bold type, italic type, the number and size of columns on a page, and more. Groff can also be used to format man pages. If you are going to use groff with the X Window System, you will also need to install the groff-x11 package. -------------------------------------------------------------------------------- Update Information: older security fixes - CVE-2009-5044: insecure temporary file handling in pdfroff - CVE-2009-5080: improper handling of failed attempts to create temporary directories in eqn2graph/pic2graph/grap2graph - CVE-2009-5081: roff2.pl and groffer.pl use easy-to-guess temporary file names -------------------------------------------------------------------------------- ChangeLog: * Tue May 29 2012 Jan Vcelak <[email protected]> 1.21-9 - older security fixes (#709415, #720060): + CVE-2009-5044: insecure temporary file handling in pdfroff + CVE-2009-5080: improper handling of failed attempts to create temporary directories in eqn2graph/pic2graph/grap2graph + CVE-2009-5081: roff2.pl and groffer.pl use easy-to-guess temporary file names -------------------------------------------------------------------------------- References: [ 1 ] Bug #709413 - CVE-2009-5044 groff: insecure temporary file handling in pdfroff https://bugzilla.redhat.com/show_bug.cgi?id=709413 [ 2 ] Bug #720058 - CVE-2009-5080 groff: improper handling of failed attempts to create temporary directories in eqn2graph/pic2graph/grap2graph https://bugzilla.redhat.com/show_bug.cgi?id=720058 [ 3 ] Bug #720057 - CVE-2009-5081 groff: roff2.pl and groffer.pl use easy-to-guess temporary file names https://bugzilla.redhat.com/show_bug.cgi?id=720057 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update groff' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
