You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa scummvm

Sigurnosni nedostatak programskog paketa scummvm

——————————————————————————–
Fedora Update Notification
FEDORA-2018-d275e6ff0c
2018-05-05 22:24:26.609481
——————————————————————————–

Name : scummvm
Product : Fedora 27
Version : 2.0.0
Release : 1.fc27
URL : http://www.scummvm.org/
Summary : Interpreter for several adventure games
Description :
ScummVM is a program which allows you to run certain classic graphical
point-and-click adventure games, provided you already have their
data files.

ScummVM supports many adventure games, including LucasArts SCUMM games
(such as Monkey Island 1-3, Day of the Tentacle, Sam & Max, …),
many of Sierra’s AGI and SCI games (such as King’s Quest 1-6,
Space Quest 1-5, …), Discworld 1 and 2, Simon the Sorcerer 1 and 2,
Beneath A Steel Sky, Lure of the Temptress, Broken Sword 1 and 2,
Flight of the Amazon Queen, Gobliiins 1-3, The Legend of Kyrandia 1-3,
many of Humongous Entertainment’s children’s SCUMM games (including
Freddi Fish and Putt Putt games) and many more.

The complete list can be found on ScummVM’s compatibility page:
http://scummvm.org/compatibility/2.0.0/

——————————————————————————–
Update Information:

Update to 2.0.0 release. * Fixes CVE-2017-17528.
——————————————————————————–
ChangeLog:

* Sun Apr 8 2018 Christian Krause <chkr@fedoraproject.org> – 2.0.0-1
– update to latest upstream (BZ 1536755)
– add upstream patch for CVE-2017-17528 (and one follow-up patch, BZ 1528426,
BZ 1528425)
– turn off virtual keyboard (the keyboard pack files are not installed
and scummvm doesn’t have a global search path for them on platform sdl/posix)
——————————————————————————–
References:

[ 1 ] Bug #1528425 – CVE-2017-17528 scummvm: Command injection in backends/platform/sdl/posix/posix.cpp
https://bugzilla.redhat.com/show_bug.cgi?id=1528425
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-d275e6ff0c’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2018-d275e6ff0c
2018-05-05 22:24:26.609481
——————————————————————————–

Name : scummvm-tools
Product : Fedora 27
Version : 2.0.0
Release : 1.fc27
URL : http://www.scummvm.org
Summary : Tools for scummVM / S.C.U.M.M scripting language
Description :
This is a collection of various tools that may be useful to use in
conjunction with ScummVM.
Please note that although a tool may support a feature, certain ScummVM
versions may not. ScummVM 0.6.x does not support FLAC audio, for example.

Many games package together all their game data in a few big archive files.
The following tools can be used to extract these archives, and in some cases
are needed to make certain game versions usable with ScummVM.

The following tools can also be used to analyze the game scripts
(controlling the behavior of certain scenes and actors in a game).
These tools are most useful to developers.

——————————————————————————–
Update Information:

Update to 2.0.0 release. * Fixes CVE-2017-17528.
——————————————————————————–
ChangeLog:

* Sat Apr 14 2018 Christian Krause <chkr@fedoraproject.org> – 2.0.0-1
– update to latest upstream
——————————————————————————–
References:

[ 1 ] Bug #1528425 – CVE-2017-17528 scummvm: Command injection in backends/platform/sdl/posix/posix.cpp
https://bugzilla.redhat.com/show_bug.cgi?id=1528425
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-d275e6ff0c’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostaci programske biblioteke libmad

Otkriveni su sigurnosni nedostaci u programskoj biblioteci libmad za operacijski sustav Debian. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje napada uskraćivanja...

Close