--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-2943
2010-02-26 02:25:40
--------------------------------------------------------------------------------
Name : mingw32-libltdl
Product : Fedora 11
Version : 1.5.26
Release : 17.fc11
URL :
http://www.gnu.org/software/libtool/
Summary : Runtime libraries for GNU Libtool Dynamic Module Loader
Description :
The mingw32-libltdl package contains the GNU Libtool Dynamic Module Loader, a
library that provides a consistent, portable interface which simplifies the
process of using dynamic modules, for the mingw32 cross compilation
environment.
These runtime libraries are needed by programs that link directly to the
system-installed ltdl libraries; they are not needed by software built using
the rest of the GNU Autotools (including GNU Autoconf and GNU Automake).
--------------------------------------------------------------------------------
Update Information:
Not sure whether mingw32-libltdl (due to its special nature in being for cross-
compilation development for an entirely different system) is actually affected
by CVE-2009-3736, but this should make sure everything is fixed.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 11 2010 Hans Ulrich Niedermann <hun@n-dimensional.de> - 1.5.26-17
- Unfuzz the CVE-2009-3736 patch
* Thu Feb 11 2010 Hans Ulrich Niedermann <hun@n-dimensional.de> - 1.5.26-16
- Fix CVE-2009-3736 (#563980, #537941)
- Change define macros into global macros
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #537941 - CVE-2009-3736 libtool: libltdl may load and execute code from a library in the current directory
https://bugzilla.redhat.com/show_bug.cgi?id=537941
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update mingw32-libltdl' at the command line.
For more information, refer to "Managing Software with yum",
available at
http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce