——————————————————————————–
Fedora Update Notification
FEDORA-2014-5938
2014-05-02 20:20:12
——————————————————————————–
Name : rxvt-unicode
Product : Fedora 19
Version : 9.20
Release : 1.fc19
URL : http://software.schmorp.de/
Summary : Unicode version of rxvt
Description :
rxvt-unicode is a clone of the well known terminal emulator rxvt, modified to
store text in Unicode (either UCS-2 or UCS-4) and to use locale-correct input
and output. It also supports mixing multiple fonts at the same time, including
Xft fonts.
——————————————————————————–
Update Information:
* Update to 9.20: http://cvs.schmorp.de/rxvt-unicode/Changes
* Fix CVE-2014-3121: user-assisted arbitrary commands execution
——————————————————————————–
ChangeLog:
* Thu May 1 2014 Jamie Nguyen <jamielinux@fedoraproject.org> – 9.20-1
– update to upstream release 9.20, which includes a fix for security bug
CVE-2014-3121 (#1093287, #1093288, #1093289)
– include man pages for new extension (selection-to-clipboard)
* Thu Oct 31 2013 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
– 9.19-1
– version upgrade
* Tue Sep 10 2013 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
– 9.18-5
– fix tabbed extension
* Sun Aug 18 2013 Paul Howarth <paul@city-fan.org> – 9.18-4
– fix xsubpp path leading to FTBFS (#993374)
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 9.18-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> – 9.18-2
– Perl 5.18 rebuild
——————————————————————————–
References:
[ 1 ] Bug #1093287 – CVE-2014-3121 rxvt-unicode: user-assisted arbitrary commands execution
https://bugzilla.redhat.com/show_bug.cgi?id=1093287
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update rxvt-unicode’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
——————————————————————————–
Fedora Update Notification
FEDORA-2014-5939
2014-05-02 20:20:15
——————————————————————————–
Name : rxvt-unicode
Product : Fedora 20
Version : 9.20
Release : 1.fc20
URL : http://software.schmorp.de/
Summary : Unicode version of rxvt
Description :
rxvt-unicode is a clone of the well known terminal emulator rxvt, modified to
store text in Unicode (either UCS-2 or UCS-4) and to use locale-correct input
and output. It also supports mixing multiple fonts at the same time, including
Xft fonts.
——————————————————————————–
Update Information:
* Update to 9.20: http://cvs.schmorp.de/rxvt-unicode/Changes
* Fix CVE-2014-3121: user-assisted arbitrary commands execution
——————————————————————————–
ChangeLog:
* Thu May 1 2014 Jamie Nguyen <jamielinux@fedoraproject.org> – 9.20-1
– update to upstream release 9.20, which includes a fix for security bug
CVE-2014-3121 (#1093287, #1093288, #1093289)
– include man pages for new extension (selection-to-clipboard)
——————————————————————————–
References:
[ 1 ] Bug #1093287 – CVE-2014-3121 rxvt-unicode: user-assisted arbitrary commands execution
https://bugzilla.redhat.com/show_bug.cgi?id=1093287
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update rxvt-unicode’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce