September 2004 - announce - Fedora Mailing-Lists

Fedora Core 2 Update: system-config-samba-1.2.15-0.fc2.1

by Nils Philippsen

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2004-306 2004-09-27 --------------------------------------------------------------------- Product : Fedora Core 2 Name : system-config-samba Version : 1.2.15 Release : 0.fc2.1 Summary : Samba server configuration tool Description : system-config-samba is a graphical user interface for creating, modifying, and deleting samba shares. --------------------------------------------------------------------- * Wed Sep 15 2004 Nils Philippsen <nphilipp(a)redhat.com> - 1.2.15-0.fc2.1 - write smbpasswd file when adding user (#132084) * Sun Aug 15 2004 Nils Philippsen <nphilipp(a)redhat.com> - 1.2.14-1 - make share name configurable (#110804, use patch from Philip Van Hoof, fix it up a bit) - do some more code consolidation * Tue Jul 20 2004 Brent Fox <bfox(a)redhat.com> - 1.2.13-1 - add 'cups option' entry (bug #128245) * Wed Jun 23 2004 Brent Fox <bfox(a)redhat.com> - 1.2.12-1 - use popen instead of system (bug #112528) * Tue Jun 22 2004 Brent Fox <bfox(a)redhat.com> - 1.2.11-1 - fix security and guest account defaults (bug #121745) * Mon Jun 21 2004 Brent Fox <bfox(a)redhat.com> - 1.2.10-1 - write workgroup name explicitly (bug #126435) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 8b3d71dd9cf6cf0df9e45d6e72756c6a SRPMS/system-config-samba-1.2.15-0.fc2.1.src.rpm 0464a33daa2fc24b77a508935a611367 x86_64/system-config-samba-1.2.15-0.fc2.1.noarch.rpm 0464a33daa2fc24b77a508935a611367 i386/system-config-samba-1.2.15-0.fc2.1.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- Nils Philippsen / Red Hat / nphilipp(a)redhat.com "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- B. Franklin, 1759 PGP fingerprint: C4A8 9474 5C4C ADE3 2B8F 656D 47D8 9B65 6951 3011

19 years, 7 months

1
0
0 / 0

[ANNOUNCE] New mailing list: fedora-tools-list

by Elena Zannoni

This is to announce the availability of a new Fedora mailing list for tools specific discussions. The term "tools" includes packages like gcc, gdb, binutils, glibc, oprofile, libstdc++, elfutils, etc... The list is for users and developers posting bug reports, usage questions and answers, patches and test results, etc. For subscription details see: http://www.redhat.com/mailman/listinfo/fedora-tools-list

19 years, 7 months

1
0
0 / 0

[SECURITY] Fedora Core 2 Update: subversion-1.0.8-1

by Joe Orton

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2004-318 2004-09-23 --------------------------------------------------------------------- Product : Fedora Core 2 Name : subversion Version : 1.0.8 Release : 1 Summary : Modern Version Control System designed to replace CVS Description : Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS. --------------------------------------------------------------------- Update Information: This update includes the latest stable release of Subversion, including a security fix for information disclosure bugs in handling of metadata (such as log messages) in repositories using mod_authz_svn for path-based access-control (CAN-2004-0749). --------------------------------------------------------------------- * Thu Sep 23 2004 Joe Orton <jorton(a)redhat.com> 1.0.8-1 - update to 1.0.8 (mod_authz_svn security fix, CAN-2004-0749) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ c8e5bdf05d542ad3ba3e491a7866401e SRPMS/subversion-1.0.8-1.src.rpm 63915e9ecdc55267108493a1a27234d7 x86_64/subversion-1.0.8-1.x86_64.rpm 560ec06f7756d22cdaa8f2a7522acf52 x86_64/subversion-devel-1.0.8-1.x86_64.rpm 0cd133ee95123c620cf9b859d7bd225e x86_64/mod_dav_svn-1.0.8-1.x86_64.rpm ba61830fb3a8be68f5c39bc0dca642f3 x86_64/subversion-perl-1.0.8-1.x86_64.rpm 171925d1eb6db9173a8d12c8027f36a5 x86_64/debug/subversion-debuginfo-1.0.8-1.x86_64.rpm 4a2484241e2d01bfe6f912d3adb34ab3 i386/subversion-1.0.8-1.i386.rpm 4d2cf86a62a1a166a251d4febd0bb60b i386/subversion-devel-1.0.8-1.i386.rpm 1414749aefab44d7356b6c9b55a47c44 i386/mod_dav_svn-1.0.8-1.i386.rpm 7e1b229e3f790b394006672e4f813be5 i386/subversion-perl-1.0.8-1.i386.rpm 97550cc2bd748cf71a9bd46c665e8381 i386/debug/subversion-debuginfo-1.0.8-1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

19 years, 7 months

1
0
0 / 0

[SECURITY] Fedora Core 2 Update: httpd-2.0.51-2.7

by Joe Orton

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2004-313 2004-09-23 --------------------------------------------------------------------- Product : Fedora Core 2 Name : httpd Version : 2.0.51 Release : 2.7 Summary : Apache HTTP Server Description : Apache is a powerful, full-featured, efficient, and freely-available Web server. Apache is also the most popular Web server on the Internet. --------------------------------------------------------------------- This update includes the latest stable release of Apache httpd 2.0, including fixes for possible denial of service issues in mod_ssl (CAN-2004-0751, CAN-2004-0747) and mod_dav_fs (CAN-2004-0809), and a privilege elevation attack for local users (CAN-2004-0747). Note that these packages do also contain the fix for a regression in Satisfy handling in the 2.0.51 release (CAN-2004-0811). --------------------------------------------------------------------- * Tue Sep 21 2004 Joe Orton <jorton(a)redhat.com> 2.0.51-2.7 - ap_rgetline_core fix from Rici Lake * Tue Sep 21 2004 Joe Orton <jorton(a)redhat.com> 2.0.51-2.6 - fix 2.0.51 regression in Satisfy merging (CAN-2004-0811) * Thu Sep 16 2004 Joe Orton <jorton(a)redhat.com> 2.0.51-2.5 - mod_ssl: prevent SIGHUP-triggers-SIGSEGV after upgrade from 2.0.50 - revert mod_ldap/mod_auth_ldap changes likewise * Wed Sep 15 2004 Joe Orton <jorton(a)redhat.com> 2.0.51-2.1 - update to 2.0.51, including security fixes for: * core: CAN-2004-0747 * mod_dav_fs: CAN-2004-0809 * mod_ssl: CAN-2004-0751, CAN-2004-0748 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 99c4698c12b5ce206fe1d421a0d24626 SRPMS/httpd-2.0.51-2.7.src.rpm e015611ce4a96ef0488eb772d4e20e95 x86_64/httpd-2.0.51-2.7.x86_64.rpm 9d4c7c3db22fe5b8b5db8f0e6229c9c1 x86_64/httpd-devel-2.0.51-2.7.x86_64.rpm 0d5eaca4b6a0ca22dfb164438f0df73d x86_64/httpd-manual-2.0.51-2.7.x86_64.rpm 6ae2964daebddd4630a143712583929b x86_64/mod_ssl-2.0.51-2.7.x86_64.rpm a87b486fe234e674ec7a7040da825874 x86_64/debug/httpd-debuginfo-2.0.51-2.7.x86_64.rpm 6ce668b14a339a895c1f94d3d2c74344 i386/httpd-2.0.51-2.7.i386.rpm bf2d5ce617b715efb85a6bef1dcc1ff6 i386/httpd-devel-2.0.51-2.7.i386.rpm 7fdc3fd7ffd27e10ed608bad819f8203 i386/httpd-manual-2.0.51-2.7.i386.rpm df387ada50ec5a154d840ae8d3996157 i386/mod_ssl-2.0.51-2.7.i386.rpm feb541c52c040b0e12c879a3f264f5b7 i386/debug/httpd-debuginfo-2.0.51-2.7.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

19 years, 7 months

1
0
0 / 0

Fedora Core 2 Update: gtk2-2.4.7-2.6

by Matthias Clasen

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2004-314 2004-09-23 --------------------------------------------------------------------- Product : Fedora Core 2 Name : gtk2 Version : 2.4.7 Release : 2.6 Summary : The GIMP ToolKit (GTK+), a library for creating GUIs for X. Description : GTK+ is a multi-platform toolkit for creating graphical user interfaces. Offering a complete set of widgets, GTK+ is suitable for projects ranging from small one-off tools to complete application suites. --------------------------------------------------------------------- Update Information: The previous update for the gtk2 contained a bug which breaks image thumbnailing in Nautilus. This update fixes the problem. --------------------------------------------------------------------- * Tue Sep 21 2004 Matthias Clasen <mclasen(a)redhat.com> - 2.4.7-2.6 - Fix image thumbnailing in nautilus. (#132836) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 817a8555fdbcd2bd5b0691dc37921e43 SRPMS/gtk2-2.4.7-2.6.src.rpm 98bcadd966860e9784006055b42f6d1a x86_64/gtk2-2.4.7-2.6.x86_64.rpm 6eae821587a1642daffaf1ad8e82069c x86_64/gtk2-devel-2.4.7-2.6.x86_64.rpm 2e2a98ec0a34120fa27d4cb96ff71857 x86_64/debug/gtk2-debuginfo-2.4.7-2.6.x86_64.rpm dc38b91b5fcb674f555b5706ddfe0428 x86_64/gtk2-2.4.7-2.6.i386.rpm dc38b91b5fcb674f555b5706ddfe0428 i386/gtk2-2.4.7-2.6.i386.rpm 5faf6ef80013a2f4ae2a041b7aa3c33e i386/gtk2-devel-2.4.7-2.6.i386.rpm 32653464cb99dc72f1f912153aa43283 i386/debug/gtk2-debuginfo-2.4.7-2.6.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

19 years, 7 months

1
0
0 / 0

[SECURITY] Fedora Core 2 Update: foomatic-3.0.1-3.1

by Josh Bressers

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2004-303 2004-09-21 --------------------------------------------------------------------- Product : Fedora Core 2 Name : foomatic Version : 3.0.1 Release : 3.1 Summary : Foomatic printer database. Description : Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. It contains utilities to generate driver description files and printer queues for CUPS, LPD, LPRng, and PDQ using the database. There is also the possibility to read the PJL options out of PJL-capable laser printers and take them into account at the driver description file generation. There are spooler-independent command line interfaces to manipulate queues (foomatic-configure) and to print files/manipulate jobs (foomatic printjob). The site http://www.linuxprinting.org/ is based on this database. --------------------------------------------------------------------- Update Information: Sebastian Krahmer reported a bug in the cupsomatic and foomatic-rip print filters, used by the CUPS print spooler. An attacker who has printing access could send a carefully named file to the print server causing arbitrary commands to be executed as root. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0801 to this issue. --------------------------------------------------------------------- * Fri Sep 10 2004 Tim Waugh <twaugh(a)redhat.com> 3.0.1-3.1 - Fix security issue (CAN-2004-0801, bug #130951). Patch from Till Kamppeter. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ cab9692a6b2b0161f73b1b9039c6f491 SRPMS/foomatic-3.0.1-3.1.src.rpm 46227411cf108d7436169f198514aca0 x86_64/foomatic-3.0.1-3.1.x86_64.rpm ea451e8bd0b25fbcd5d22faad369a4fb x86_64/debug/foomatic-debuginfo-3.0.1-3.1.x86_64.rpm 571e627239ed4bb5c53d7298f54a56de i386/foomatic-3.0.1-3.1.i386.rpm 7eac2a20ce6fd91a7be07c9b797d3fc6 i386/debug/foomatic-debuginfo-3.0.1-3.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

19 years, 7 months

1
0
0 / 0

Fedora Core 1 Transferred to Fedora Legacy

by Bill Nottingham

Fedora Core 1 Transferred to Fedora Legacy With the release of Fedora Core 3 Test 2, the Fedora Steering Committee would like to announce the transfer of Fedora Core 1 to the Fedora Legacy Project. This means that updates for Fedora Core 1 will no longer be posted at http://download.fedora.redhat.com/. For more information on the Fedora Legacy Project, or if you wish to join the team please see http://fedoralegacy.org/.

19 years, 7 months

1
0
0 / 0

Announcing Fedora Core 3 Test 2

by Bill Nottingham

Coming soon to a site near you... for the first time, it's the new, digitally remastered, Fedora Core 3 Test 2! Now, you can take home this never before seen four-disc set, chock full of new software and exciting bonus features! Includes hundreds of new and updated packages over the original edition, including: - a minor change to the device model, switching from a static /dev to a dynamic /dev provided by udev - SELinux enablement - the GNOME 2.8 release candidate - KDE 3.3.0 - X.org X11 6.8.0 Please report problems at: http://bugzilla.redhat.com/bugzilla File bugs against product 'Fedora Core', release 'fc3test2'. For more information on just waht the Fedora Project and Fedora Core is, please see: http://fedora.redhat.com/ Fedora Core 3 Test 2 is available at the following sites: * North America: * USA East: * ftp://ftp.linux.ncsu.edu/pub/fedora/linux/core/test/2.91/ * http://ftp.ndlug.nd.edu/pub/fedora/linux/core/test/2.91/ * ftp://ftp.ndlug.nd.edu/pub/fedora/linux/core/test/2.91/ * ftp://mirror.cs.princeton.edu/pub/mirrors/fedora/linux/core/test/2.91/ * http://ftp.dc.aleron.net/linux/fedora/linux/core/test/2.91 * ftp://ftp.dc.aleron.net/linux/fedora/linux/core/test/2.91 * rsync://ftp.dc.aleron.net::fedora-linux-core-test/2.91/ * ftp://redhat.secsup.org/pub/linux/redhat/fedora/core/test/2.91 * http://redhat.secsup.org/fedora/core/test/2.91 * ftp://mirror.clarkson.edu/pub/distributions/fedora/linux/core/test/2.91/ * http://mirror.clarkson.edu/pub/distributions/fedora/linux/core/test/2.91/ * ftp://ftp.cse.buffalo.edu/pub/fedora/linux/core/test/2.91/ * ftp://ftp.ale.org/mirrors/fedora/linux/core/test/2.91 * http://ftp.ale.org/mirrors/fedora/linux/core/test/2.91 * ftp://ftp.gtlib.cc.gatech.edu/pub/fedora.redhat/linux/core/test/2.91 * http://www.gtlib.cc.gatech.edu/pub/fedora.redhat/linux/core/test/2.91 * rsync://rsync.gtlib.cc.gatech.edu/fedora-linux-core/test/2.91 * ftp://mirror.eas.muohio.edu/pub/fedora/linux/core/test/2.91 * http://mirror.hiwaay.net/redhat/fedora/linux/core/test/2.91/ * ftp://mirror.hiwaay.net/redhat/fedora/linux/core/test/2.91/ * rsync://mirror.hiwaay.net/fedora-linux-core-test/2.91/ * http://mirror.linux.duke.edu/pub/fedora/linux/core/test/2.91/ * ftp://mirror.linux.duke.edu/pub/fedora/linux/core/test/2.91/ * rsync://mirror.linux.duke.edu/fedora-linux-core/test/2.91/ * USA West: * http://fedora.cat.pdx.edu/linux/core/test/2.91/ * rsync://fedora.cat.pdx.edu/fedora-linux-core-test/2.91/ * Canada: * ftp://less.cogeco.net/pub/fedora/linux/core/test/2.91/ * http://mirror.cpsc.ucalgary.ca/mirror/fedora/linux/core/test/2.91/ * ftp://mirror.cpsc.ucalgary.ca/mirror/fedora/linux/core/test/2.91/ * rsync://mirror.cpsc.ucalgary.ca/fedora/linux/core/test/2.91/ * http://gulus.USherbrooke.ca/pub/distro/fedora/linux/core/test/2.91/ * South America: * Portugal: * http://tux.cprm.net/pub/ftp.redhat.com/fedora/linux/core/test/2.91 * ftp://tux.cprm.net/pub/ftp.redhat.com/fedora/linux/core/test/2.91 * Europe: * Austria: * ftp://gd.tuwien.ac.at/opsys/linux/fedora/core/test/2.91/ * http://gd.tuwien.ac.at/opsys/linux/fedora/core/test/2.91/ * rsync://gd.tuwien.ac.at/opsys/linux/fedora/core/test/2.91/ * Czech Republic: * ftp://ftp.fi.muni.cz/pub/linux/fedora-core/test/2.91/ * rsync://ftp.fi.muni.cz/pub/linux/fedora-core/test/2.91/ * ftp://ftp6.linux.cz/pub/linux/fedora-core/test/2.91/ (IPv6) * ftp://sunsite.mff.cuni.cz/pub/fedora/test/2.91/ * http://sunsite.mff.cuni.cz/pub/fedora/test/2.91/ * rsync://sunsite.mff.cuni.cz/fedora/fedora/test/2.91/ * ftp://ultra.linux.cz/pub/fedora/test/2.91/ * ftp://ftp1.skynet.cz/pub/linux/fedora/test/2.91 * Denmark: * ftp://klid.dk/fedora/linux/core/test/2.91 * Finland: * http://ftp.funet.fi/pub/mirrors/ftp.redhat.com/pub/fedora/linux/core/test... - i386 only * ftp://ftp.funet.fi/pub/mirrors/ftp.redhat.com/pub/fedora/linux/core/test/... - i386 only * http://ftp.ipv6.funet.fi/pub/mirrors/ftp.redhat.com/pub/fedora/linux/core... - i386 only * ftp://ftp.ipv6.funet.fi/pub/mirrors/ftp.redhat.com/pub/fedora/linux/core/... - i386 only * France: * ftp://ftp.ciril.fr/pub/linux/fedora/linux/core/test/2.91 * Germany: * ftp://sunsite.informatik.rwth-aachen.de/pub/linux/fedora-core/test/2.91 * http://sunsite.informatik.rwth-aachen.de/ftp/pub/linux/fedora-core/test/2.91 * ftp://ftp.tu-chemnitz.de/pub/linux/fedora-core/test/2.91/ * http://ftp.tu-chemnitz.de/pub/linux/fedora-core/test/2.91/ * http://download.atrpms.net/mirrors/fedoracore/test/2.91/ * ftp://ftp.stw-bonn.de/pub/mirror/fedora/linux/core/test/2.91/ * http://ftp.stw-bonn.de/pub/mirror/fedora/linux/core/test/2.91/ * ftp://ftp.uni-bayreuth.de/pub/linux/fedora/linux/core/test/2.91 * rsync://rsync.uni-bayreuth.de/fedora-linux-core/test/2.91 * ftp://ftp.join.uni-muenster.de/pub/linux/distributions/fedora/linux/core/test/2.91 * rsync://ftp.join.uni-muenster.de/fedora-linux-core-test/2.91/ * Ireland: * http://ftp.esat.net/mirrors/download.fedora.redhat.com/pub/fedora/linux/c... * ftp://ftp.esat.net/mirrors/download.fedora.redhat.com/pub/fedora/linux/co... * rsync://ftp.esat.net/mirrors/download.fedora.redhat.com/pub/fedora/linux/... * http://ftp.heanet.ie/pub/fedora/linux/core/test/2.91/ * ftp://ftp.heanet.ie/pub/fedora/linux/core/test/2.91/ * rsync://ftp.heanet.ie/pub/fedora/linux/core/test/2.91/ * Netherlands: * ftp://alviss.et.tudelft.nl/pub/fedora/core/test/2.91/ * ftp://ftp.quicknet.nl/pub/Linux/download.fedora.redhat.com/test/2.91/ * ftp://ftp.eu.uu.net/pub/linux/fedora/test/2.91/ * Poland: * ftp://sunsite.icm.edu.pl/pub/Linux/fedora/linux/core/test/2.91/ * http://sunsite.icm.edu.pl/pub/Linux/fedora/linux/core/test/2.91/ * rsync://sunsite.icm.edu.pl/pub/Linux/fedora/linux/core/test/2.91/ * ftp://ftp.wsisiz.edu.pl/pub/Linux/fedora/linux/core/test/2.91/ * Romania: * http://ftp.lug.ro/fedora/linux/core/test/2.91/ * ftp://ftp.lug.ro/fedora/linux/core/test/2.91/ * United Kingdom: * http://zeniiia.linux.org.uk/pub/distributions/fedora/linux/core/test/2.91/ * ftp://zeniiia.linux.org.uk/pub/distributions/fedora/linux/core/test/2.91/ * rsync://zeniiia.linux.org.uk/fedora-linux-core/test/2.91/ * Asia/Pacific: * Australia: * http://planetmirror.com/pub/fedora/linux/core/test/2.91/ * ftp://ftp.planetmirror.com/pub/fedora/linux/core/test/2.91/ * rsync://rsync.planetmirror.com/fedora-linux-core-test/2.91/ * Japan: * ftp://ftp.riken.jp/Linux/fedora/core/test/2.91/ * http://ftp.riken.jp/Linux/fedora/core/test/2.91/ * rsync://ftp.riken.jp/fedora/core/test/2.91/ * ftp://ftp.kddilabs.jp/Linux/packages/fedora/core/test/2.91/ * http://ftp.kddilabs.jp/Linux/packages/fedora/core/test/2.91/ * rsync://ftp.kddilabs.jp/fedora/core/test/2.91/ * Taiwan: * http://ftp.isu.edu.tw/pub/Linux/Fedora/linux/core/test/2.91 * ftp://ftp.isu.edu.tw/pub/Linux/Fedora/linux/core/test/2.91 More mirrors will come online in the near future; check: http://fedora.redhat.com/download/mirrors.html for a list of mirrors that carry Fedora Core. One additional feature provided by the Linux community is the availability of Fedora Core releases via BitTorrent. http://torrent.linux.duke.edu/FC3-test2-binary-i386.torrent http://torrent.linux.duke.edu/FC3-test2-binary-x86_64.torrent See http://torrent.linux.duke.edu/ for other forms, including SRPMS and the DVD iso. RPMS for BitTorrent are available from: http://torrent.linux.duke.edu/btrpms/ Usage is simple: btdownloadcurses.py --url http://URL.torrent Allow incoming TCP 6881 - 6889 to join the torrent swarm.

19 years, 7 months

1
1
0 / 0

[SECURITY] Fedora Core 2 Update: apr-util-0.9.4-14.2

by Joe Orton

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2004-308 2004-09-16 --------------------------------------------------------------------- Product : Fedora Core 2 Name : apr-util Version : 0.9.4 Release : 14.2 Summary : Apache Portable Runtime Utility library Description : The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR; including support for XML, LDAP, database interfaces, URI parsing and more. --------------------------------------------------------------------- Update Information: Testing using the Codenomicon HTTP Test Tool performed by the Apache Software Foundation security group and Red Hat uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child process could be made to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0786 to this issue. This update includes a backported fix for this issue. --------------------------------------------------------------------- * Tue Sep 14 2004 Joe Orton <jorton(a)redhat.com> 0.9.4-14.2 - add security fix for CAN-2004-0786 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 707beabca3584d07dbcd3614b80093cb SRPMS/apr-util-0.9.4-14.2.src.rpm 902896dacdd450d100949c5a5af98f93 x86_64/apr-util-0.9.4-14.2.x86_64.rpm 58781e97602be02bb0b37d7039aaed78 x86_64/apr-util-devel-0.9.4-14.2.x86_64.rpm 02ef6a9f2c5651c7db6cd33432b86058 x86_64/debug/apr-util-debuginfo-0.9.4-14.2.x86_64.rpm 70b1159aff827af2930b5488064c4a00 i386/apr-util-0.9.4-14.2.i386.rpm f602170d5cf714238b2a91f4ce4ae052 i386/apr-util-devel-0.9.4-14.2.i386.rpm d9b03f13abf22c32ac291da2ce2a5a10 i386/debug/apr-util-debuginfo-0.9.4-14.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

19 years, 7 months

1
0
0 / 0

[SECURITY] Fedora Core 1 Update: apr-util-0.9.4-2.1

by Joe Orton

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2004-307 2004-09-16 --------------------------------------------------------------------- Product : Fedora Core 1 Name : apr-util Version : 0.9.4 Release : 2.1 Summary : Apache Portable Runtime Utility library Description : The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR; including support for XML, LDAP, database interfaces, URI parsing and more. --------------------------------------------------------------------- Update Information: Testing using the Codenomicon HTTP Test Tool performed by the Apache Software Foundation security group and Red Hat uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child process could be made to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0786 to this issue. This update includes a backported patch for this issue. --------------------------------------------------------------------- * Wed Sep 15 2004 Joe Orton <jorton(a)redhat.com> 0.9.4-2.1 - add security fix for CAN-2004-0786 - add fix for SHA1 password support --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/ a20b967ffa4e004ba2c24ae6f6d0285b SRPMS/apr-util-0.9.4-2.1.src.rpm 51a0579a62f8a8883946b88863aec3d0 x86_64/apr-util-0.9.4-2.1.x86_64.rpm 814f6f5290b802b1997da32c569034c1 x86_64/apr-util-devel-0.9.4-2.1.x86_64.rpm 0344e8181664d9e6b37bc298fe79cc95 x86_64/debug/apr-util-debuginfo-0.9.4-2.1.x86_64.rpm 6d8df3d6e25c851161e1865f96eab6b4 i386/apr-util-0.9.4-2.1.i386.rpm bcf23f81f50ff80b3fff315b1a6aff92 i386/apr-util-devel-0.9.4-2.1.i386.rpm ea3b514f7544b0eef8deacf1b4e57a62 i386/debug/apr-util-debuginfo-0.9.4-2.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

19 years, 7 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

announce September 2004