-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-10591 2012-07-12 18:18:04 --------------------------------------------------------------------------------
Name : raptor Product : Fedora 17 Version : 1.4.21 Release : 12.fc17 URL : http://librdf.org/raptor/ Summary : Raptor RDF Parser Toolkit for Redland Description : Raptor is the RDF Parser Toolkit for Redland that provides a set of standalone RDF parsers, generating triples from RDF/XML or N-Triples.
-------------------------------------------------------------------------------- Update Information:
This is new version of package that fixes CVE-2012-0037. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 12 2012 Jaroslav Škarvada jskarvad@redhat.com - 1.4.21-12 - Fixed XML entity expansion that could lead to information disclosure (CVE-2012-0037) Resolves: rhbz#805941 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #805941 - CVE-2012-0037 raptor: XML External Entity (XXE) attack by processing certain RDF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=805941 --------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use su -c 'yum update raptor' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
package-announce@lists.fedoraproject.org