You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa numpy

Sigurnosni nedostaci programskog paketa numpy

——————————————————————————–
Fedora Update Notification
FEDORA-2014-2387
2014-02-12 14:03:20
——————————————————————————–

Name : numpy
Product : Fedora 19
Version : 1.7.2
Release : 8.fc19
URL : http://www.numpy.org/
Summary : A fast multidimensional array facility for Python
Description :
NumPy is a general-purpose array-processing package designed to
efficiently manipulate large multi-dimensional arrays of arbitrary
records without sacrificing too much speed for small multi-dimensional
arrays. NumPy is built on the Numeric code base and adds features
introduced by numarray as well as an extended C-API and the ability to
create arrays of arbitrary type.

There are also basic facilities for discrete fourier transform,
basic linear algebra and random number generation. Also included in
this package is a version of f2py that works properly with NumPy.

——————————————————————————–
Update Information:

– Fix CVE-2014-1858, CVE-2014-1859: #1062009, #1062359
——————————————————————————–
ChangeLog:

* Mon Feb 10 2014 Orion Poplawski <orion@nwra.com> – 1:1.7.2-8
– Fix CVE-2014-1858, CVE-2014-1859: #1062009, #1062359
* Wed Jan 1 2014 Orion Poplawski <orion@nwra.com> – 1:1.7.2-7
– Update to 1.7.2
– Drop library-ext patch applied upstream
* Wed Nov 27 2013 Orion Poplawski <orion@nwra.com> – 1:1.7.1-7
– Build sphinx docs (bug #1034357)
– Ship doc module (bug #1034357)
– Move f2py documentation to f2py package (bug #1027394)
* Mon Oct 14 2013 Tomas Tomecek <ttomecek@redhat.com> – 1:1.7.1-6
– fix name of shared library extensions (rhbz#1018783)
* Tue Aug 27 2013 Jon Ciesla <limburgher@gmail.com> – 1:1.7.1-5
– URL Fix, BZ 1001337
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 1:1.7.1-4
– Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Tue Jul 30 2013 Tomas Tomecek <ttomecek@redhat.com> – 1:1.7.1-3
– Fix rpmlint warnings
– Update License
– Apply patch: change shebang of f2py to use binary directly
——————————————————————————–
References:

[ 1 ] Bug #1062009 – CVE-2014-1858 CVE-2014-1859 numpy: f2py insecure temporary file use
https://bugzilla.redhat.com/show_bug.cgi?id=1062009
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update numpy’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Ranjivosti programske biblioteke libtiff

Otkrivene su višestruke ranjivosti programske biblioteke libtiff na Gentoo OS. Udaljenim je napadačima bilo omogućeno izvršavanje proizvoljnog programskog koda ili...

Close