Description of problem: mingw32-OpenSceneGraph source rpm, as shipped with Fedora-13 contains embedded copy of lib3ds library (its relevant code parts vulnerable to CVE-2010-0280 flaw). This problem has already been addressed in OpenSceneGraph. Version-Release number of selected component (if applicable): Name: mingw32-OpenSceneGraph Version: 2.8.2 Release: 2.fc13 Additional info: This is the same vulnerability as has been fixed in OpenSceneGraph. https://bugzilla.redhat.com/show_bug.cgi?id=646104 See also: [1] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0280 and patch from: [2] https://bugzilla.redhat.com/show_bug.cgi?id=633475#c4
mingw32-OpenSceneGraph-2.8.2-3.fc13 has been submitted as an update for Fedora 13. https://admin.fedoraproject.org/updates/mingw32-OpenSceneGraph-2.8.2-3.fc13
mingw32-OpenSceneGraph-2.8.2-3.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update mingw32-OpenSceneGraph'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/mingw32-OpenSceneGraph-2.8.2-3.fc13
mingw32-OpenSceneGraph-2.8.2-3.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.