You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa pxz

Sigurnosni nedostatak programskog paketa pxz

——————————————————————————–
Fedora Update Notification
FEDORA-2020-07fcbfddbd
2020-04-30 03:42:10.988557
——————————————————————————–

Name : pxz
Product : Fedora 31
Version : 4.999.9
Release : 19.beta.20200421git.fc31
URL : https://jnovy.fedorapeople.org/pxz/
Summary : Parallel LZMA compressor using XZ
Description :
Parallel XZ is a compression utility that takes advantage of running
XZ compression simultaneously on different parts of an input file on
multiple cores and processors. This significantly speeds up compression time.

——————————————————————————–
Update Information:

– Update to GIT 20200421 – Added patch against race condition in setting
permissions on output file (#1182024) – Added patch to revert environment
redirect allowing `export XZ_OPT=”-9″` or similar
——————————————————————————–
ChangeLog:

* Tue Apr 21 2020 Robert Scheck <robert@fedoraproject.org> 4.999.9-19.beta.20200421git
– Update to GIT 20200421
– Added patch against race condition in setting permissions on output file (#1182024)
– Added patch to revert environment redirect allowing ‘export XZ_OPT=”-9″‘ or similar
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> – 4.999.9-18.beta.20120930git
– Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
——————————————————————————–
References:

[ 1 ] Bug #1182024 – CVE-2015-1200 pxz: race condition in setting permissions on output file
https://bugzilla.redhat.com/show_bug.cgi?id=1182024
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-07fcbfddbd’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa sqliteodbc

Otkriveni su sigurnosni nedostaci u programskom paketu sqliteodbc za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju stjecanje uvećanih ovlasti....

Close