[SECURITY] Fedora 14 Update: mongoose-3.0-2.fc14

updates at fedoraproject.org updates at fedoraproject.org
Thu Sep 8 07:09:52 UTC 2011


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-11825
2011-08-31 00:52:43
--------------------------------------------------------------------------------

Name        : mongoose
Product     : Fedora 14
Version     : 3.0
Release     : 2.fc14
URL         : http://code.google.com/p/mongoose
Summary     : An easy-to-use self-sufficient web server
Description :
Mongoose web server executable is self-sufficient, it does not depend on
anything to start serving requests. If it is copied to any directory and
executed, it starts to serve that directory on port 8080 (so to access files,
go to http://localhost:8080). If some additional configuration is required -
for example, different listening port or IP-based access control, then a
'mongoose.conf' file with respective options can be created in the same
directory where executable lives. This makes Mongoose perfect for all sorts
of demos, quick tests, file sharing, and Web programming.

--------------------------------------------------------------------------------
Update Information:

Add upstream patch to fix CVE-2011-2900
--------------------------------------------------------------------------------
ChangeLog:

* Sat Aug 27 2011 Rafael Azenha Aquini <aquini at linux dot com> - 3.0-2
- Add upstream patch to fix CVE-2011-2900 (729146)
* Mon Jul 25 2011 Rafael Azenha Aquini <aquini at linux dot com> - 3.0-1
- Rebuilt for Fedora's inclusion, after scracth-build successful tests.
* Mon Jul 25 2011 Rafael Azenha Aquini <aquini at linux dot com> - 3.0-0
- Packaged mongoose's upstream 3.0 release.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #729145 - CVE-2011-2900 mongoose: stack-based buffer overflow flaw in put_dir()
        https://bugzilla.redhat.com/show_bug.cgi?id=729145
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update mongoose' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list