Fedora 14 : feh-1.14.1-1.fc14 (2011-8747)

This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

Changes since 0.10.1 :

- Bug fixes * Make zoom_default key work properly with
--geometry * Only create caption directory when actually
writing out a caption.
<http://github.com/derf/feh/issues/42> * read directory
contents sorted by filename instead of 'randomly' (as
returned by readdir) by default. Thanks talisein!
<https://github.com/derf/feh/pull/20> * Show certain
warnings in the image window as well as on the
commandline <http://github.com/derf/feh/issues/43> *
Change a patch for NETWM fullscreen support to only
apply to fullscreen windows. This fixes the moving
windows bug in fluxbox (since fluxbox doesn't report its
window border width).
<http://github.com/derf/feh/issues/22>
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570903
> * Minor manpage fixes.
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625683
> * Fix --auto-zoom / --zoom max/fill documentation, the
'Auto-Zoom' menu option is now always checked when these
options are used * Set _NET_WM_NAME and
_NET_WM_ICON_NAME properties
<http://github.com/derf/feh/issues/44> * The
zoom_default key now works fine with --scale-down
<http://github.com/derf/feh/issues/41> * Fix access of
uninitialized memory / malloc/realloc clash in continued
theme definition handling. Having a theme line with just
one option/value pair used to produce undefined
behaviour * Fix segfault upon unloadable images when
image-related format specifiers (e.g. %h) are used in
--title * Fix Imlib2 caching bug in reload (only worked
after the second try) * Show correct image dimensions in
for cached thumbnails * Fix zooming when --scale-down is
used * Make in/out zoom use equal zoom ratio

- Behavior changes/compatability * --menu-style is now
deprecated * The --menu-bg option has been deprecated.
It will be removed along with --menu-style by the end of
2012. <http://github.com/derf/feh/issues/27> * Since the
manual is way better structured and more detailed than
the --help output, it now simply refers to the manual. *
The 'A' key (toggle_aliasing) now actually changes the
current window, and not just the default for new windows
* Show images in current directory when invoked without
file arguments * The --bg options are now
Xinerama-aware. That is, they set the image in the
respective mode (scale/fill/max/center) on each Xinerama
screen. Use --no-xinerama to disable this. * Add --zoom
fill as equivalent for --auto-zoom * Remove builtin http
client (--builtin) * http images are now viewed using
libcurl, not wget (thanks to talisein) This adds libcurl
as dependency, and removes the wget recommendation *
Allow commandline options to override those set in a
theme * Remove support for FEH_OPTIONS (was deprecated
>5 years ago) * Restrict available modifiers to
Control/Mod1/Mod4 * The themes are now read from
~/.config/feh/themes (BC for .fehrc exists) * Key
bindings can now be configured via ~/.config/feh/keys *
Removes --rcpath, use XDG_CONFIG_HOME instead * Increase
movement steps for Ctrl+Left etc.

- Features * You can now use the next/prev/jump keys to
navigate thumbnails. Use the render key to open the
currently selected thumbnail.
<http://github.com/derf/feh/issues/26> * Option to
disable antialiasing, either global (--force-aliasing)
or per image (press 'A' to toggle, keybinding
toggle_aliasing) * Use SIGUSR1/SIGUSR2 to reload all
images in multiwindow mode * Add --zoom max (zooming
like in --bg-max)

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570903
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625683
http://github.com/derf/feh/issues/22
http://github.com/derf/feh/issues/26
http://github.com/derf/feh/issues/27
http://github.com/derf/feh/issues/41
http://github.com/derf/feh/issues/42
http://github.com/derf/feh/issues/43
http://github.com/derf/feh/issues/44
https://bugzilla.redhat.com/show_bug.cgi?id=676389
https://github.com/derf/feh/pull/20
http://www.nessus.org/u?2ec59727

Solution :

Update the affected feh package.

Risk factor :

Low / CVSS Base Score : 3.3
(CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:P)
CVSS Temporal Score : 2.9
(CVSS2#E:ND/RL:OF/RC:ND)
Public Exploit Available : false

Family: Fedora Local Security Checks

Nessus Plugin ID: 55498 ()

Bugtraq ID: 46182

CVE ID: CVE-2011-0702

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now