-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2010-3384 2010-09-14 16:58:21 --------------------------------------------------------------------------------
Name : cabextract Product : Fedora EPEL 5 Version : 1.3 Release : 1.el5 URL : http://www.cabextract.org.uk/ Summary : Utility for extracting cabinet (.cab) archives Description : cabextract is a program which can extract files from cabinet (.cab) archives.
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #620450 - CVE-2010-2800 cabextract: Infinite loop in MS-ZIP and Quantum decoders https://bugzilla.redhat.com/show_bug.cgi?id=620450 [ 2 ] Bug #620454 - CVE-2010-2801 cabextract: Integer wrap-around (crash) by processing certain *.cab files in test archive mode https://bugzilla.redhat.com/show_bug.cgi?id=620454 --------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use su -c 'yum update cabextract' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
epel-package-announce@lists.fedoraproject.org