Paketname
gv
Datum
2010-08-23
Advisory ID
MDVSA-2010:159
Betroffene Versionen
MES5 i586 , 2010.0 x86_64 , 2010.1 i586 , 2010.0 i586 , CS4.0 i586 , CS4.0 x86_64 , MES5 x86_64 , 2010.1 x86_64

Problembeschreibung

A vulnerability has been found and corrected in gv:

GNU gv before 3.7.0 allows local users to overwrite arbitrary files
via a symlink attack on a temporary file (CVE-2010-2056).

This update provides gv 3.7.1, which is not vulnerable to this issue.

Aktualisierte Pakete

MES5 i586

 16664d2a985d9a797744340f9f80739f  mes5/i586/gv-3.7.1-0.1mdvmes5.1.i586.rpm 
 19e98994797a3adcdb8d4a9203315235  mes5/SRPMS/gv-3.7.1-0.1mdvmes5.1.src.rpm

2010.0 x86_64

 346e7ba7670d76a4b9b16b778d18af51  2010.0/x86_64/gv-3.7.1-0.1mdv2010.0.x86_64.rpm 
 4129b3838c40f800a912dd9b73ee983f  2010.0/SRPMS/gv-3.7.1-0.1mdv2010.0.src.rpm

2010.1 i586

 7ef15d132958755f9312b60eb870fa4b  2010.1/i586/gv-3.7.1-0.1mdv2010.1.i586.rpm 
 7612792cc5259a453d233313e7438b2e  2010.1/SRPMS/gv-3.7.1-0.1mdv2010.1.src.rpm

2010.0 i586

 75d7321d14980823ea3dd0cb16d0aa96  2010.0/i586/gv-3.7.1-0.1mdv2010.0.i586.rpm 
 4129b3838c40f800a912dd9b73ee983f  2010.0/SRPMS/gv-3.7.1-0.1mdv2010.0.src.rpm

CS4.0 i586

 55302a1019fa92312fd2d78c92faa5ad  corporate/4.0/i586/gv-3.7.1-0.1.20060mlcs4.i586.rpm 
 11e02e3f1e81ba5f91e71f59dbee702e  corporate/4.0/SRPMS/gv-3.7.1-0.1.20060mlcs4.src.rpm

CS4.0 x86_64

 959502b637e910e687d75741ad401882  corporate/4.0/x86_64/gv-3.7.1-0.1.20060mlcs4.x86_64.rpm 
 11e02e3f1e81ba5f91e71f59dbee702e  corporate/4.0/SRPMS/gv-3.7.1-0.1.20060mlcs4.src.rpm

MES5 x86_64

 b18904eeba9c1967ae2e2e575a17b3c1  mes5/x86_64/gv-3.7.1-0.1mdvmes5.1.x86_64.rpm 
 19e98994797a3adcdb8d4a9203315235  mes5/SRPMS/gv-3.7.1-0.1mdvmes5.1.src.rpm

2010.1 x86_64

 ec2ac83e528e3c2cc702f4139df8e8fb  2010.1/x86_64/gv-3.7.1-0.1mdv2010.1.x86_64.rpm 
 7612792cc5259a453d233313e7438b2e  2010.1/SRPMS/gv-3.7.1-0.1mdv2010.1.src.rpm

Referenzen