[SECURITY] Fedora 16 Update: gdal-1.7.3-15.fc16

updates at fedoraproject.org updates at fedoraproject.org
Sun Feb 3 13:38:02 UTC 2013


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-1494
2013-01-25 20:33:25
--------------------------------------------------------------------------------

Name        : gdal
Product     : Fedora 16
Version     : 1.7.3
Release     : 15.fc16
URL         : http://www.gdal.org/
Summary     : GIS file format library
Description :
The GDAL library provides support to handle multiple GIS file formats.

--------------------------------------------------------------------------------
Update Information:

Security libwebp release, where an integer overflow allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted WebP image.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 23 2013 Rex Dieter <rdieter at fedoraproject.org> 1.7.3-15
- rebuild (libwebp)
* Sun Feb 19 2012 Volker Fröhlich <volker27 at gmx.at> - 1.7.3-14
- Require Ruby abi
- Add patch for Ruby 1.9 include dir, back-ported from GDAL 1.9
- Change version string for gdal-config from <version>-fedora to
  <version>
- Revert installation path for Ruby modules, as it proved wrong
- Use libjpeg-turbo
* Thu Feb  9 2012 Volker Fröhlich <volker27 at gmx.at> - 1.7.3-13
- Rebuild for Ruby 1.9
  http://lists.fedoraproject.org/pipermail/ruby-sig/2012-January/000805.html
* Tue Jan 10 2012 Volker Fröhlich <volker27 at gmx.at> - 1.7.3-12
- Remove FC10 specific patch0
- Versioned MODULE_COMPAT_ Requires for Perl (BZ 768265)
- Add isa macro to base package Requires
- Remove conditional for xerces_c in EL6, as EL6 has xerces_c
  even for ppc64 via EPEL
- Remove EL4 conditionals
- Replace the python_lib macro definition and install Python bindings
  to sitearch directory, where they belong
- Use correct dap library names for linking
- Correct Ruby installation path in the Makefile instead of moving it later
- Use libdir variable in ppc64 Python path
- Delete obsolete chmod for Python libraries
- Move correction for Doxygen footer to prep section
- Delete bundled libraries before building
- Build without bsb and remove it from the tarball
- Use mavenpomdir macro and be a bit more precise on manpages in
  the files section
- Remove elements for grass support --> Will be replaced by plug-in
- Remove unnecessary defattr
- Correct version number in POM
- Allow for libpng 1.5
* Tue Dec  6 2011 Adam Jackson <ajax at redhat.com> - 1.7.3-11
- Rebuild for new libpng
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #875071 - CVE-2012-5127 libwebp: Integer overflow when processing crafted WebP image
        https://bugzilla.redhat.com/show_bug.cgi?id=875071
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update gdal' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list