[SECURITY] Fedora 14 Update: feh-1.14.1-1.fc14
updates at fedoraproject.org
updates at fedoraproject.org
Mon Jul 4 18:51:56 UTC 2011
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-8747
2011-06-26 18:32:08
--------------------------------------------------------------------------------
Name : feh
Product : Fedora 14
Version : 1.14.1
Release : 1.fc14
URL : https://derf.homelinux.org/projects/feh/
Summary : Fast command line image viewer using Imlib2
Description :
feh is a versatile and fast image viewer using imlib2, the
premier image file handling library. feh has many features,
from simple single file viewing, to multiple file modes using
a slide-show or multiple windows. feh supports the creation of
montages as index prints with many user-configurable options.
--------------------------------------------------------------------------------
Update Information:
Changes since 0.10.1:
- Bug fixes
* Make zoom_default key work properly with --geometry
* Only create caption directory when actually writing out a caption.
<http://github.com/derf/feh/issues/42>
* read directory contents sorted by filename instead of 'randomly'
(as returned by readdir) by default. Thanks talisein!
<https://github.com/derf/feh/pull/20>
* Show certain warnings in the image window as well as on the commandline
<http://github.com/derf/feh/issues/43>
* Change a patch for NETWM fullscreen support to only apply to fullscreen
windows. This fixes the moving windows bug in fluxbox (since fluxbox
doesn't report its window border width).
<http://github.com/derf/feh/issues/22>
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570903>
* Minor manpage fixes.
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625683>
* Fix --auto-zoom / --zoom max/fill documentation, the "Auto-Zoom" menu
option is now always checked when these options are used
* Set _NET_WM_NAME and _NET_WM_ICON_NAME properties
<http://github.com/derf/feh/issues/44>
* The zoom_default key now works fine with --scale-down
<http://github.com/derf/feh/issues/41>
* Fix access of uninitialized memory / malloc/realloc clash in continued
theme definition handling. Having a theme line with just one
option/value pair used to produce undefined behaviour
* Fix segfault upon unloadable images when image-related format specifiers
(e.g. %h) are used in --title
* Fix Imlib2 caching bug in reload (only worked after the second try)
* Show correct image dimensions in for cached thumbnails
* Fix zooming when --scale-down is used
* Make in/out zoom use equal zoom ratio
- Behavior changes/compatability
* --menu-style is now deprecated
* The --menu-bg option has been deprecated. It will be removed along with
--menu-style by the end of 2012.
<http://github.com/derf/feh/issues/27>
* Since the manual is way better structured and more detailed than the
--help output, it now simply refers to the manual.
* The 'A' key (toggle_aliasing) now actually changes the current window,
and not just the default for new windows
* Show images in current directory when invoked without file arguments
* The --bg options are now Xinerama-aware. That is, they set the image in
the respective mode (scale/fill/max/center) on each Xinerama screen. Use
--no-xinerama to disable this.
* Add --zoom fill as equivalent for --auto-zoom
* Remove builtin http client (--builtin)
* http images are now viewed using libcurl, not wget (thanks to talisein)
This adds libcurl as dependency, and removes the wget recommendation
* Allow commandline options to override those set in a theme
* Remove support for FEH_OPTIONS (was deprecated >5 years ago)
* Restrict available modifiers to Control/Mod1/Mod4
* The themes are now read from ~/.config/feh/themes (BC for .fehrc exists)
* Key bindings can now be configured via ~/.config/feh/keys
* Removes --rcpath, use XDG_CONFIG_HOME instead
* Increase movement steps for Ctrl+Left etc.
- Features
* You can now use the next/prev/jump keys to navigate thumbnails. Use the
render key to open the currently selected thumbnail.
<http://github.com/derf/feh/issues/26>
* Option to disable antialiasing, either global (--force-aliasing) or per
image (press 'A' to toggle, keybinding toggle_aliasing)
* Use SIGUSR1/SIGUSR2 to reload all images in multiwindow mode
* Add --zoom max (zooming like in --bg-max)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 24 2011 Ben Boeckel <mathstuf at gmail.com> - 1.14.1-1
- Update to 1.14.1
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.10.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Dec 29 2010 Andrew Potter <agpotter at gmail.com> 1.10.1-1
- New upstream release
- Closes CVE-2010-2246 by removing option -G, --wget-timestamp
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #676389 - CVE-2011-0702 feh: arbitrary file overwrite vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=676389
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update feh' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list