Fedora Local Security Checks : Fedora Core 7 FEDORA-2007-2989 (hugin)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.59851

Category: Fedora Local Security Checks

Title: Fedora Core 7 FEDORA-2007-2989 (hugin)

Summary: NOSUMMARY

Description: Description:

The remote host is missing an update to hugin
announced via advisory FEDORA-2007-2989.

hugin can be used to stitch multiple images together. The resulting image can
span 360 degrees. Another common use is the creation of very high resolution
pictures by combining multiple images. It uses the Panorama Tools as backend
to create high quality images

ChangeLog:

* Mon Nov 5 2007 Bruno Postle 0.6.1-11
- fix for CVE-2007-5200 hugin unsafe temporary file usage
- bug #332401
bug #362851
bug #362861
bug #362871
- fix Source tag
- update license GPL -> GPLv2+
* Mon Aug 13 2007 Bruno Postle 0.6.1-7
- rebuild for boost soname change
- add enblend dependency as enblend is now in fedora
References:

[ 1 ] Bug #332401 - CVE-2007-5200 hugin unsafe temporary file usage
https://bugzilla.redhat.com/show_bug.cgi?id=332401
[ 2 ] Bug #362851 - CVE-2007-5200 hugin unsafe temporary file usage [F7]
https://bugzilla.redhat.com/show_bug.cgi?id=362851
[ 3 ] CVE-2007-5200
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5200
Updated packages:

8af63a7bc7e4864faf75ea816ed8c8a76f2e706b hugin-debuginfo-0.6.1-11.fc7.ppc64.rpm
e7c50904cd16cb8212608a0b775b0fc5c7bd3b3f hugin-0.6.1-11.fc7.ppc64.rpm
9a3cfb48582aacb5ea3fa6991b6903ebbfd0b6d0 hugin-debuginfo-0.6.1-11.fc7.i386.rpm
99b0bc262f848bee0d27b0a78a0d064694d86863 hugin-0.6.1-11.fc7.i386.rpm
ea0eee8723fdbd6659ca7e2ed04476103f4a1b7f hugin-debuginfo-0.6.1-11.fc7.x86_64.rpm
7b12021c536d7d2698692fa6521e3e700d051c7a hugin-0.6.1-11.fc7.x86_64.rpm
aa16c2d48819b265f7f71f0c1974e6ef9e1c4b96 hugin-debuginfo-0.6.1-11.fc7.ppc.rpm
c962b0be781076ad1e21668110f01a8fc599fd56 hugin-0.6.1-11.fc7.ppc.rpm
9bb792921d65919ea6a23cdc312e6a62af916e2e hugin-0.6.1-11.fc7.src.rpm

This update can be installed with the yum update program. Use
su -c 'yum update hugin'
at the command line. For more information, refer to Managing Software
with yum, available at http://docs.fedoraproject.org/yum/.

Solution: Apply the appropriate updates.

http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-2989

Risk factor : Medium

CVSS Score:
3.3

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-5200
BugTraq ID: 26730
http://www.securityfocus.com/bid/26730
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00199.html
http://security.gentoo.org/glsa/glsa-200712-01.xml
http://osvdb.org/42224
http://secunia.com/advisories/27229
http://secunia.com/advisories/27623
http://secunia.com/advisories/27653
http://secunia.com/advisories/27952
SuSE Security Announcement: SUSE-SR:2007:020 (Google Search)
http://www.novell.com/linux/security/advisories/2007_20_sr.html

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.59851
Category:	Fedora Local Security Checks
Title:	Fedora Core 7 FEDORA-2007-2989 (hugin)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to hugin announced via advisory FEDORA-2007-2989. hugin can be used to stitch multiple images together. The resulting image can span 360 degrees. Another common use is the creation of very high resolution pictures by combining multiple images. It uses the Panorama Tools as backend to create high quality images ChangeLog: * Mon Nov 5 2007 Bruno Postle 0.6.1-11 - fix for CVE-2007-5200 hugin unsafe temporary file usage - bug #332401 bug #362851 bug #362861 bug #362871 - fix Source tag - update license GPL -> GPLv2+ * Mon Aug 13 2007 Bruno Postle 0.6.1-7 - rebuild for boost soname change - add enblend dependency as enblend is now in fedora References: [ 1 ] Bug #332401 - CVE-2007-5200 hugin unsafe temporary file usage https://bugzilla.redhat.com/show_bug.cgi?id=332401 [ 2 ] Bug #362851 - CVE-2007-5200 hugin unsafe temporary file usage [F7] https://bugzilla.redhat.com/show_bug.cgi?id=362851 [ 3 ] CVE-2007-5200 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5200 Updated packages: 8af63a7bc7e4864faf75ea816ed8c8a76f2e706b hugin-debuginfo-0.6.1-11.fc7.ppc64.rpm e7c50904cd16cb8212608a0b775b0fc5c7bd3b3f hugin-0.6.1-11.fc7.ppc64.rpm 9a3cfb48582aacb5ea3fa6991b6903ebbfd0b6d0 hugin-debuginfo-0.6.1-11.fc7.i386.rpm 99b0bc262f848bee0d27b0a78a0d064694d86863 hugin-0.6.1-11.fc7.i386.rpm ea0eee8723fdbd6659ca7e2ed04476103f4a1b7f hugin-debuginfo-0.6.1-11.fc7.x86_64.rpm 7b12021c536d7d2698692fa6521e3e700d051c7a hugin-0.6.1-11.fc7.x86_64.rpm aa16c2d48819b265f7f71f0c1974e6ef9e1c4b96 hugin-debuginfo-0.6.1-11.fc7.ppc.rpm c962b0be781076ad1e21668110f01a8fc599fd56 hugin-0.6.1-11.fc7.ppc.rpm 9bb792921d65919ea6a23cdc312e6a62af916e2e hugin-0.6.1-11.fc7.src.rpm This update can be installed with the yum update program. Use su -c 'yum update hugin' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. Solution: Apply the appropriate updates. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-2989 Risk factor : Medium CVSS Score: 3.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5200 BugTraq ID: 26730 http://www.securityfocus.com/bid/26730 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00199.html http://security.gentoo.org/glsa/glsa-200712-01.xml http://osvdb.org/42224 http://secunia.com/advisories/27229 http://secunia.com/advisories/27623 http://secunia.com/advisories/27653 http://secunia.com/advisories/27952 SuSE Security Announcement: SUSE-SR:2007:020 (Google Search) http://www.novell.com/linux/security/advisories/2007_20_sr.html
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com