[SECURITY] Fedora 11 Update: html2ps-1.0-0.3.b5.fc11
updates at fedoraproject.org
updates at fedoraproject.org
Tue May 25 18:37:40 UTC 2010
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-7803
2010-05-04 05:49:37
--------------------------------------------------------------------------------
Name : html2ps
Product : Fedora 11
Version : 1.0
Release : 0.3.b5.fc11
URL : http://user.it.uu.se/~jan/html2ps.html
Summary : HTML to PostScript converter
Description :
An HTML to PostScript converter written in Perl.
* Many possibilities to control the appearance.
* Support for processing multiple documents.
* A table of contents can be generated.
* Configurable page headers/footers.
* Automatic hyphenation and text justification can be selected.
--------------------------------------------------------------------------------
Update Information:
Fix SSI directory traversal and clean spec file up
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 3 2010 Petr Pisar <ppisar at redhat.com> - 1.0-0.3.b5
- Fix SSI directory traversal (#530403)
- Fix spelling
- Default attributes for xhtml2ps %files
- Replace libpaper dependency with paperconf binary to make rpmlint happy
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #526513 - html2ps: arbitrary file disclosure in SSI directives
https://bugzilla.redhat.com/show_bug.cgi?id=526513
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update html2ps' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list