[SECURITY] Fedora 8 Update: emacspeak-28.0-3.fc8

updates at fedoraproject.org updates at fedoraproject.org
Wed Oct 1 06:34:24 UTC 2008 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-8423
2008-10-01 05:58:34
--------------------------------------------------------------------------------

Name        : emacspeak
Product     : Fedora 8
Version     : 28.0
Release     : 3.fc8
URL         : http://emacspeak.sourceforge.net/
Summary     : emacspeak -- The Complete Audio Desktop
Description :
Emacspeak is a speech interface that allows visually impaired users to
interact independently and efficiently with the computer. Emacspeak has
dramatically changed how the author and hundreds of blind and visually
impaired users around the world interact with the personal computer and
the Internet. A rich suite of task-oriented speech-enabled tools provides
efficient speech-enabled access to the evolving semantic WWW.
When combined with Linux running on low-cost PC hardware,
Emacspeak/Linux provides a reliable, stable speech-friendly solution that
opens up the Internet to visually impaired users around the world.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep 26 2008 Jens Petersen <petersen at redhat.com> - 28.0-3
- (CVE-2008-4191) fix tmpfile vulnerability in extract-table.pl with
  emacspeak-28.0-tmpfile.patch from upstream svn (#463819)
* Fri Sep 26 2008 Jens Petersen <petersen at redhat.com> - 28.0-2
- fix broken generated deps reported by mtasaka (#463899)
- script the replacement of tcl with tclsh to fix missing dtk-soft
- replace python2.4 with python in HTTPSpeaker.py
* Thu Sep 25 2008 Jens Petersen <petersen at redhat.com> - 28.0-1
- update to 28.0 with emacspeak-28.0-no-httpd.patch
- replace emacspeak-tcl-pkgreq-tclx.patch with sed
- emacspeak-no-linux-espeak.patch no longer needed
- update emacspeak-15.0-fixpref.patch for patch fuzz
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #463819 - CVE-2008-4191 emacspeak: Insecure auxiliary /tmp file usage (symlink attack possible) [Fedora 8]
        https://bugzilla.redhat.com/show_bug.cgi?id=463819
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update emacspeak' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list