Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Red Hat Security Advisory: Potential security problem in gnumeric 0.23

Jul 25, 1999, 03:14 (2 Talkback[s])
Date: Sat, 24 Jul 1999 18:11:28 -0400
From: Bill Nottingham
To: redhat-watch-list@redhat.com

---------------------------------------------------------------------
                   Red Hat, Inc. Security Advisory

Synopsis:               Potential security problem in gnumeric 0.23
Advisory ID:            RHSA-1999:023-01
Issue date:             1999-07-23
Keywords:               gnumeric security
---------------------------------------------------------------------

1. Topic:

A potential security problem has been fixed in the gnumeric spreadsheet
package.

2. Bug IDs fixed:

3. Relevant releases/architectures:

Red Hat Linux 6.0, all architectures

4. Obsoleted by:
None.

5. Conflicts with:
None.

6. RPMs required:

Intel: ftp://updates.redhat.com/6.0/i386

        gnumeric-0.27-1.i386.rpm

Alpha: ftp://updates.redhat.com/6.0/alpha

        gnumeric-0.27-1.alpha.rpm

Sparc: ftp://updates.redhat.com/6.0/sparc

        gnumeric-0.27-1.sparc.rpm

7. Problem description:

At the request of the gnumeric maintainer a new version is being released by
Red Hat which addresses potential security issues with the version of
gnumeric shipped in Red Hat Linux 6.0.

8. Solution:

Upgrade to the latest version listed above.

9. Verification:

MD5 sum                           Package Name
--------------------------------------------------------------------------
41d67505f1c53ce16ea66cec874deb87  gnumeric-0.27-1.i386.rpm
89451cf299e475197350ef0367edda63  gnumeric-0.27-1.alpha.rpm
c35d7f9a29fd9421ef4d5b1ac44d6b8e  gnumeric-0.27-1.sparc.rpm
b28c5742c32c3d69b8e6713bb7c6f789  gnumeric-0.27-1.src.rpm

These packages are also PGP signed by Red Hat Inc. for security. Our
key is available at:

http://www.redhat.com/corp/contact.html
You can verify each package with the following command:

rpm --checksig  

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:

rpm --checksig --nopgp 

10. References:

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------