March 2005 - announce - Fedora Mailing-Lists

[SECURITY] Fedora Core 3 Update: squid-2.5.STABLE9-1.FC3.4

by Jay Fenlason

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-276 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 3 Name : squid Version : 2.5.STABLE9 Release : 1.FC3.4 Summary : The Squid proxy caching server. Description : Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Note that squid-2.5.STABLE7 and later do not use /etc/squid/errors for error messages. If you do not want to use the default English error messages, you must set the error_directory in your /etc/squid/squid.conf to the appropriate subdirectory of /usr/share/squid/errors --------------------------------------------------------------------- * Wed Mar 23 2005 Jay Fenlason <fenlason(a)redhat.com> 7:2.5.STABLE9-1.FC3.4 - Add more upstream patches. - add the -libbind patch, to avoid picking up a new dependency on libbind. - Remove references to /etc/squid/errors from this spec, since squid now uses {_datadir}/squid/errors/English/ by default (overridable in /etc/squid/squid.conf, as always) - mark {_datadir}/squid/errors as config(noreplace) so custom error messages won't get stomped on. * Wed Mar 16 2005 Jay Fenlason <fenlason(a)redhat.com> 7:2.5.STABLE9-1.FC3.3 - Actually apply the -date patch. * Wed Mar 16 2005 Jay Fenlason <fenlason(a)redhat.com> 7:2.5.STABLE9-1.FC3.2 - New upstream version, with 14 patches. Includes fix for bz#150234 cookie leak in squid --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 402440397d0a352c5539cf99a1277ab7 SRPMS/squid-2.5.STABLE9-1.FC3.4.src.rpm f41d841e3c2ad7cde69896f0efb9b243 x86_64/squid-2.5.STABLE9-1.FC3.4.x86_64.rpm ceeb68cf5c12194835240059d08215db x86_64/debug/squid-debuginfo-2.5.STABLE9-1.FC3.4.x86_64.rpm 8857ae1347c3592347fc7caef24baf56 i386/squid-2.5.STABLE9-1.FC3.4.i386.rpm a08fb359713307d62edc738317dcd85c i386/debug/squid-debuginfo-2.5.STABLE9-1.FC3.4.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 6 months

1
0
0 / 0

[SECURITY] Fedora Core 2 Update: squid-2.5.STABLE9-1.FC2.2

by Jay Fenlason

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-275 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 2 Name : squid Version : 2.5.STABLE9 Release : 1.FC2.2 Summary : The Squid proxy caching server. Description : Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Note that squid-2.5.STABLE7 and later do not use /etc/squid/errors for error messages. If you do not want to use the default English error messages, you must set the error_directory in your /etc/squid/squid.conf to the appropriate subdirectory of /usr/share/squid/errors --------------------------------------------------------------------- * Tue Mar 29 2005 Jay Fenlason <fenlason(a)redhat.com> 7:2.5.STABLE9-1.FC3.2 - more upstream patches - include -libbind patch, to prevent squid from picking up a dependency on libbind. - remove references to /etc/squid/errors, since squid now uses {_datadir}/squid/errors/English by default. (overridable in squid.conf) - Mark {datadir}/squid/errors as config(noreplace) so custom error messages won't get scribbled on. * Wed Mar 16 2005 Jay Fenlason <fenlason(a)redhat.com> 7:2.5.STABLE9-1.FC3.1 - New upstream version, with 14 upstream patches. Includes fix for bz#150234 cookie leak in squid --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 4f87823cc8d2e7dbbd1c6f0bc390c7a5 SRPMS/squid-2.5.STABLE9-1.FC2.2.src.rpm e60b6b22ae7af50eca46e621155cfd90 x86_64/squid-2.5.STABLE9-1.FC2.2.x86_64.rpm 899e5cf5ee75a51ea8c2256bf4c2e205 x86_64/debug/squid-debuginfo-2.5.STABLE9-1.FC2.2.x86_64.rpm f4bf9886e9c100e0ac9bf17b2e40f7d4 i386/squid-2.5.STABLE9-1.FC2.2.i386.rpm 9c06c585c6d113a154e99f8573c530dd i386/debug/squid-debuginfo-2.5.STABLE9-1.FC2.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 6 months

1
0
0 / 0

Fedora Core 3 Update: foomatic-3.0.2-13.3

by Tim Waugh

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-149 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 3 Name : foomatic Version : 3.0.2 Release : 13.3 Summary : Foomatic printer database. Description : Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. It contains utilities to generate driver description files and printer queues for CUPS, LPD, LPRng, and PDQ using the database. There is also the possibility to read the PJL options out of PJL-capable laser printers and take them into account at the driver description file generation. There are spooler-independent command line interfaces to manipulate queues (foomatic-configure) and to print files/manipulate jobs (foomatic printjob). The site http://www.linuxprinting.org/ is based on this database. --------------------------------------------------------------------- Update Information: This is an update to a newer version. --------------------------------------------------------------------- * Thu Feb 17 2005 Tim Waugh <twaugh(a)redhat.com> 3.0.2-13.3 - Fixed warning patch. * Wed Feb 16 2005 Tim Waugh <twaugh(a)redhat.com> 3.0.2-13.2 - Don't ship backup files. * Wed Feb 16 2005 Tim Waugh <twaugh(a)redhat.com> 3.0.2-13.1 - Built for FC3. * Wed Feb 16 2005 Tim Waugh <twaugh(a)redhat.com> - Updated db to 20050216. * Thu Feb 10 2005 Tim Waugh <twaugh(a)redhat.com> - Added IEEE 1284 information for HP Color LaserJet 4600 (bug #147648). * Tue Feb 8 2005 Tim Waugh <twaugh(a)redhat.com> - Corrected IEEE 1284 information for HP DeskJet 6540 (bug #147288). - Added IEEE 1284 information for Epson Stylus C82 (bug #147230). * Mon Jan 24 2005 Tim Waugh <twaugh(a)redhat.com> - Fixed last change. * Fri Jan 21 2005 Tim Waugh <twaugh(a)redhat.com> - Prevent a warning from DB.pm (bug #145605). * Tue Jan 18 2005 Tim Waugh <twaugh(a)redhat.com> 3.0.2-13 - Updated db to 20050118. * Mon Jan 10 2005 Tim Waugh <twaugh(a)redhat.com> - Added IEEE 1284 information for Epson Stylus Photo R200 (bug #144631). * Tue Jan 4 2005 Tim Waugh <twaugh(a)redhat.com> - Added IEEE 1284 information for Okidata Okipage 6ex (bug #143964). - Added IEEE 1284 information for Epson Stylus Photo R300 (bug #143939). * Mon Dec 20 2004 Tim Waugh <twaugh(a)redhat.com> 3.0.2-12 - Added IEEE 1284 information for Epson Stylus CX3200 (bug #143343). * Mon Dec 6 2004 Tim Waugh <twaugh(a)redhat.com> 3.0.2-11 - Updated db to 20041206. * Thu Dec 2 2004 Tim Waugh <twaugh(a)redhat.com> 3.0.2-10 - Added IEEE 1284 information for HP-Color_Inkjet_Printer_CP1700 (bug #141594). - Added IEEE 1284 information for Samsung-ML-1710 (bug #141163). - Added IEEE 1284 information for HP-OfficeJet_G95 (bug #141057). * Wed Nov 24 2004 Tim Waugh <twaugh(a)redhat.com> 3.0.2-9 - Updated db to 20041124. - Updated hpijs-db to 1.5-20041124. - No longer need HP DJ 6122 patch. - No longer need ieee1284 patch. - Updated Omni-printers to 0.9.2. * Wed Nov 24 2004 Tim Waugh <twaugh(a)redhat.com> 3.0.2-8 - Minor PPD.pm fix for PPD import (bug #132625). * Mon Nov 22 2004 Tim Waugh <twaugh(a)redhat.com> 3.0.2-7 - Applied some foomatic-rip fixes from CVS. * Thu Nov 18 2004 Tim Waugh <twaugh(a)redhat.com> - Add autodetect information for HP Color LaserJet 4550 (bug #139799). * Wed Nov 17 2004 Tim Waugh <twaugh(a)redhat.com> 3.0.2-6 - Add autodetect information for HP LaserJet 8150 (bug #139683). - Add autodetect information for Epson Stylus Color 777 (bug #139629). * Tue Nov 16 2004 Tim Waugh <twaugh(a)redhat.com> 3.0.2-5 - Ship data as non-executable (bug #139271). - Corrected autodetect information for HP Business InkJet 1100 (bug #139258). * Mon Nov 15 2004 Tim Waugh <twaugh(a)redhat.com> 3.0.2-4 - Add autodetect information for HP Business InkJet 1100 (bug #139258). - Add autodetect information for Epson Stylus Photo 790 (bug #139266). - Add autodetect information for HP DJ 3820 (bug #139271). --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 5eece1b6348cd6d8504fee8944561a36 SRPMS/foomatic-3.0.2-13.3.src.rpm 90883a645d3d59962f483210c5e77510 x86_64/foomatic-3.0.2-13.3.x86_64.rpm 3cffd7b48d1ce04e03ceac2d6c1b9937 x86_64/debug/foomatic-debuginfo-3.0.2-13.3.x86_64.rpm 66b65de495877c56491e063963ff8fc9 i386/foomatic-3.0.2-13.3.i386.rpm db7a49556356705e703d9fb13ca28975 i386/debug/foomatic-debuginfo-3.0.2-13.3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 6 months

1
0
0 / 0

[SECURITY] Fedora Core 3 Update: telnet-0.17-32.FC3.2

by Harald Hoyer

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-274 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 3 Name : telnet Version : 0.17 Release : 32.FC3.2 Summary : The client program for the telnet remote login protocol. Description : Telnet is a popular protocol for logging into remote systems over the Internet. The telnet package provides a command line telnet client. --------------------------------------------------------------------- Update Information: Two buffer overflow flaws were discovered in the way the telnet client handles messages from a server. An attacker may be able to execute arbitrary code on a victim's machine if the victim can be tricked into connecting to a malicious telnet server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468 and CAN-2005-0469 to these issues. Red Hat would like to thank iDEFENSE for their responsible disclosure of this issue. --------------------------------------------------------------------- * Thu Mar 17 2005 Harald Hoyer <harald(a)redhat.com> - 1:0.17-32.FC3.2 - fixed CAN-2005-468 and CAN-2005-469 * Thu Jan 13 2005 Jason Vas Dias <jvdias(a)redhat.com> - 1:0.17-31 - bug 143929 / 145004 : fix race condition in telnetd on wtmp lock - when cleanup() is entered from main process and in signal - handler --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 89834e05dfaaf87030241f12a8d43622 SRPMS/telnet-0.17-32.FC3.2.src.rpm 9ffe815c3d82132847f6f243662d8689 x86_64/telnet-0.17-32.FC3.2.x86_64.rpm 70c70de3253e43c621e1bd753ad85ac8 x86_64/telnet-server-0.17-32.FC3.2.x86_64.rpm 299a0a1ddc2f575b14509757a8e352fa x86_64/debug/telnet-debuginfo-0.17-32.FC3.2.x86_64.rpm 317a655b172288cfc0615b1a06fd2e07 i386/telnet-0.17-32.FC3.2.i386.rpm a51075465fe35429b26f83df4e1888b5 i386/telnet-server-0.17-32.FC3.2.i386.rpm 0f90b3b223e4a5286882f29d2ddc39dc i386/debug/telnet-debuginfo-0.17-32.FC3.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 6 months

1
0
0 / 0

Fedora Core 3 Update: system-config-services-0.8.21-0.fc3.1

by Nils Philippsen

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-256 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 3 Name : system-config-services Version : 0.8.21 Release : 0.fc3.1 Summary : system-config-services is an initscript and xinetd configuration utility Description : system-config-services is a utility which allows you to configure which services should be enabled on your machine. --------------------------------------------------------------------- * Thu Mar 24 2005 Nils Philippsen <nphilipp(a)redhat.com> 0.8.21-0.fc3.1 - connect toggled signals of service/runlevel checkboxes to enable saving again (#151982) - consolidate on_optRL*_toggled - connect delete_event of mainWindow to ask whether things should be saved before quitting - tab -> space indentation to avoid ambiguity - change some typos * Fri Mar 18 2005 Nils Philippsen <nphilipp(a)redhat.com> 0.8.20-1 - don't read from /dev/null when restarting xinetd/services to prevent hangs - build toolbar in glade to avoid DeprecationWarnings (#134978) - dynamic, translated column titles for runlevel columns * Thu Feb 17 2005 Daniel J Walsh <dwalsh(a)redhat.com> 0.8.19-1 - Added patch from Charlie Brej --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ bcc5c622f9f7092c0a2528a8753c19a2 SRPMS/system-config-services-0.8.21-0.fc3.1.src.rpm 3548ae3b649aa9fb0118a1afb60e51d3 x86_64/system-config-services-0.8.21-0.fc3.1.noarch.rpm 3548ae3b649aa9fb0118a1afb60e51d3 i386/system-config-services-0.8.21-0.fc3.1.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 6 months

1
0
0 / 0

[SECURITY] Fedora Core 2 Update: xorg-x11-6.7.0-14

by Kristian Kristensen

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-272 2005-03-29 --------------------------------------------------------------------- Product : Fedora Core 2 Name : xorg-x11 Version : 6.7.0 Release : 14 Summary : The basic fonts, programs and docs for an X workstation. Description : X.org X11 is an open source implementation of the X Window System. It provides the basic low level functionality which full fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon. --------------------------------------------------------------------- Update Information: An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code if opened by a victim using an application linked to the vulnerable library. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0605 to this issue. --------------------------------------------------------------------- * Thu Mar 24 2005 Kristian Høgsberg <krh(a)redhat.com> 6.7.0-14 - Add XFree86-4.1.0-xpm-security-fix-CAN-2005-0605.patch (#150040). --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 600a0cfb0c9a9772da75c5652929518b SRPMS/xorg-x11-6.7.0-14.src.rpm 825a43a427fe4f42ed37b17f18f45558 x86_64/xorg-x11-6.7.0-14.x86_64.rpm b27a8d713eec80fce36e2f244eef0a2f x86_64/xorg-x11-devel-6.7.0-14.x86_64.rpm 6275bf8618179e6eeea10feeef759bbb x86_64/xorg-x11-font-utils-6.7.0-14.x86_64.rpm 89c8653ccb04e75510e74bc85508d7fd x86_64/xorg-x11-xfs-6.7.0-14.x86_64.rpm cf31406344a93fe433d23bfdcb0da81b x86_64/xorg-x11-twm-6.7.0-14.x86_64.rpm 1cf2b9c77a87758430315feb848c48b9 x86_64/xorg-x11-xdm-6.7.0-14.x86_64.rpm fadf7f5d595d9fcb611ec285435b961c x86_64/xorg-x11-libs-6.7.0-14.x86_64.rpm a070eccd4d418e14098030dffff0c859 x86_64/xorg-x11-libs-data-6.7.0-14.x86_64.rpm e3a8a1f75a97820627be65bf3976a08f x86_64/xorg-x11-base-fonts-6.7.0-14.x86_64.rpm b9939cd88b4cc7aca4bfaf27b95e3674 x86_64/xorg-x11-truetype-fonts-6.7.0-14.x86_64.rpm f6f33802011c13cb39d1e0b395870a47 x86_64/xorg-x11-syriac-fonts-6.7.0-14.x86_64.rpm 9b9b8064b4a18c0c8f4b70f09168bb29 x86_64/xorg-x11-75dpi-fonts-6.7.0-14.x86_64.rpm 7f3363d21561fb6cd6ca19bcc5f258a0 x86_64/xorg-x11-100dpi-fonts-6.7.0-14.x86_64.rpm be4cf2103796bcdb13ba614498496f10 x86_64/xorg-x11-ISO8859-2-75dpi-fonts-6.7.0-14.x86_64.rpm 58f5345f28c3f95b5e966a894d75566b x86_64/xorg-x11-ISO8859-2-100dpi-fonts-6.7.0-14.x86_64.rpm 61903949f372c4fdb24f067a7009fe53 x86_64/xorg-x11-ISO8859-9-75dpi-fonts-6.7.0-14.x86_64.rpm 08f9c2b87c56f9b8e4ace980dfddd3df x86_64/xorg-x11-ISO8859-9-100dpi-fonts-6.7.0-14.x86_64.rpm 3bb47bb6bf4d3f0e445c5709c82320fd x86_64/xorg-x11-ISO8859-14-75dpi-fonts-6.7.0-14.x86_64.rpm f830609d16d830b5cc03b359e33cad80 x86_64/xorg-x11-ISO8859-14-100dpi-fonts-6.7.0-14.x86_64.rpm 17dfac76eb62313d2d6cb88f56982825 x86_64/xorg-x11-ISO8859-15-75dpi-fonts-6.7.0-14.x86_64.rpm 51297d1016839a60c058b3773a49fe89 x86_64/xorg-x11-ISO8859-15-100dpi-fonts-6.7.0-14.x86_64.rpm c6525692b3052fa0f0000056b9985ed0 x86_64/xorg-x11-cyrillic-fonts-6.7.0-14.x86_64.rpm 2b16a602848c8145d78fc41dbb27e30c x86_64/xorg-x11-doc-6.7.0-14.x86_64.rpm 6df6be39cadf75d56f05e08823ff5569 x86_64/xorg-x11-Xnest-6.7.0-14.x86_64.rpm 40298ae776b44605648aae8fc765d7a8 x86_64/xorg-x11-tools-6.7.0-14.x86_64.rpm 5a2e53f1ae2296ff3317bcb2899ac021 x86_64/xorg-x11-xauth-6.7.0-14.x86_64.rpm dc536d4f899405eeebf55aefd0b69250 x86_64/xorg-x11-Mesa-libGL-6.7.0-14.x86_64.rpm d6f0bfe66f978ec510320aa136e845f8 x86_64/xorg-x11-Mesa-libGLU-6.7.0-14.x86_64.rpm a7090fa49b90b64d17b68fb8b34b0574 x86_64/xorg-x11-Xvfb-6.7.0-14.x86_64.rpm f3f7f737769df12c9ecb3611d843493c x86_64/xorg-x11-sdk-6.7.0-14.x86_64.rpm 09f987c885e0ab18c641b31ab0778eb0 x86_64/xorg-x11-libs-6.7.0-14.i386.rpm 4d8905737e62497664683b053e58f87e x86_64/xorg-x11-libs-data-6.7.0-14.i386.rpm 54074a661b6889f91a29fb91c62a189e x86_64/xorg-x11-Mesa-libGL-6.7.0-14.i386.rpm 30949ab6f8bf9427e32e841c37bac6e2 x86_64/xorg-x11-Mesa-libGLU-6.7.0-14.i386.rpm 4576076e43b32eb7d34fb9ff112c2ab6 i386/xorg-x11-6.7.0-14.i386.rpm aa42939c5f62b2eb863c3b433eda091e i386/xorg-x11-devel-6.7.0-14.i386.rpm 12758faeb79e52858b8cb963e829f7d1 i386/xorg-x11-font-utils-6.7.0-14.i386.rpm e5e37ec4b840fd3c8e11bdffcd5a799f i386/xorg-x11-xfs-6.7.0-14.i386.rpm ae4a343bdeb63c559859d633fedc3720 i386/xorg-x11-twm-6.7.0-14.i386.rpm 9281ffb09a3c6c6387dd62fde5e6939f i386/xorg-x11-xdm-6.7.0-14.i386.rpm 09f987c885e0ab18c641b31ab0778eb0 i386/xorg-x11-libs-6.7.0-14.i386.rpm 4d8905737e62497664683b053e58f87e i386/xorg-x11-libs-data-6.7.0-14.i386.rpm 8f11ccc3a45ee547c408d29fb61c8d21 i386/xorg-x11-base-fonts-6.7.0-14.i386.rpm 6b1426acb8c1c89f7c02c10e1ef8a6f9 i386/xorg-x11-truetype-fonts-6.7.0-14.i386.rpm 287625bb4fa84f794ab0e6f2525598bb i386/xorg-x11-syriac-fonts-6.7.0-14.i386.rpm bb6740fa5b20fb389940b19fdd9d5cf6 i386/xorg-x11-75dpi-fonts-6.7.0-14.i386.rpm f5014cfda408afc422be35be41c854bb i386/xorg-x11-100dpi-fonts-6.7.0-14.i386.rpm ac9eb026a651b64f15257870bc855b77 i386/xorg-x11-ISO8859-2-75dpi-fonts-6.7.0-14.i386.rpm b8c3f6d33a83254c2c3dbe1746140254 i386/xorg-x11-ISO8859-2-100dpi-fonts-6.7.0-14.i386.rpm 401876c22190ad302fcbd2406b2195a6 i386/xorg-x11-ISO8859-9-75dpi-fonts-6.7.0-14.i386.rpm 0fe35cdc12d5efc451b83c6bee9badef i386/xorg-x11-ISO8859-9-100dpi-fonts-6.7.0-14.i386.rpm c1a35a47c2105d205aab91a6eb494ec1 i386/xorg-x11-ISO8859-14-75dpi-fonts-6.7.0-14.i386.rpm 24e129935a31acb375c52b2c67fa56ca i386/xorg-x11-ISO8859-14-100dpi-fonts-6.7.0-14.i386.rpm 3c7922f8a8b2280bb29ffeeb3b83254d i386/xorg-x11-ISO8859-15-75dpi-fonts-6.7.0-14.i386.rpm eade863f16a383b6817fa211bafa0a63 i386/xorg-x11-ISO8859-15-100dpi-fonts-6.7.0-14.i386.rpm 508e852b7f0b06750769c6170d4aa7b1 i386/xorg-x11-cyrillic-fonts-6.7.0-14.i386.rpm 6a848de0e9d6c23cc13200e5b1e6c367 i386/xorg-x11-doc-6.7.0-14.i386.rpm 9799f497d482f759bcdca575c719784c i386/xorg-x11-Xnest-6.7.0-14.i386.rpm 2ee2a3660f4d37cfeab7f0ef8b1dbeeb i386/xorg-x11-tools-6.7.0-14.i386.rpm 8e9d284aa1fee22df6aad4675538a2ea i386/xorg-x11-xauth-6.7.0-14.i386.rpm 54074a661b6889f91a29fb91c62a189e i386/xorg-x11-Mesa-libGL-6.7.0-14.i386.rpm 30949ab6f8bf9427e32e841c37bac6e2 i386/xorg-x11-Mesa-libGLU-6.7.0-14.i386.rpm 8be650d47e7f34cc6b63b8e2321cf2eb i386/xorg-x11-Xvfb-6.7.0-14.i386.rpm 41adbaea8de3dee2f6a2698a73d875ff i386/xorg-x11-sdk-6.7.0-14.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 6 months

1
0
0 / 0

[SECURITY] Fedora Core 3 Update: xorg-x11-6.8.2-1.FC3.13

by Kristian Kristensen

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-273 2005-03-29 --------------------------------------------------------------------- Product : Fedora Core 3 Name : xorg-x11 Version : 6.8.2 Release : 1.FC3.13 Summary : The basic fonts, programs and docs for an X workstation. Description : X.org X11 is an open source implementation of the X Window System. It provides the basic low level functionality which full fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon. --------------------------------------------------------------------- Update Information: An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code if opened by a victim using an application linked to the vulnerable library. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0605 to this issue. Futhermore, this updates the Fedora Core 3 X.org packages to the 6.8.2 maintenance release, which includes a large number of bug fixes: http://xorg.freedesktop.org/wiki/X11R682Release --------------------------------------------------------------------- * Thu Mar 24 2005 Kristian Høgsberg <krh(a)redhat.com> 6.8.2-1.FC3.13 - Rebuild 6.8.2-13 as 6.8.2-1.FC3.13 for Fedora Core 3 release * Wed Mar 23 2005 Kristian Høgsberg <krh(a)redhat.com> 6.8.2-13 - Add XFree86-4.1.0-xpm-security-fix-CAN-2005-0605.patch (#150040). --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 94366578adb65612201728ef9ab1bd55 SRPMS/xorg-x11-6.8.2-1.FC3.13.src.rpm f5206f5e0ef0ba672f25455af5f0d57a x86_64/xorg-x11-6.8.2-1.FC3.13.x86_64.rpm 7ca91351cde46271ced109127e32445c x86_64/xorg-x11-devel-6.8.2-1.FC3.13.x86_64.rpm 3c1a1ff519f0ada181791769f5fa317e x86_64/xorg-x11-deprecated-libs-devel-6.8.2-1.FC3.13.x86_64.rpm 92e89e566fc6618245318b7fa4034ee6 x86_64/xorg-x11-font-utils-6.8.2-1.FC3.13.x86_64.rpm 13ff89b32d789d7a3dd3e87d9d4f7991 x86_64/xorg-x11-xfs-6.8.2-1.FC3.13.x86_64.rpm 9e75b9b0e32b1b58e6b235ee33809c41 x86_64/xorg-x11-twm-6.8.2-1.FC3.13.x86_64.rpm cc264ec7b1c14271e346f72b21fd5a87 x86_64/xorg-x11-xdm-6.8.2-1.FC3.13.x86_64.rpm d9eec089b430a0cbcd8be6aff2a5de85 x86_64/xorg-x11-libs-6.8.2-1.FC3.13.x86_64.rpm 3af6857ae01305df21c29c2f4fb44d2e x86_64/xorg-x11-deprecated-libs-6.8.2-1.FC3.13.x86_64.rpm a67e229ca44e3919a36cbe6fce01775c x86_64/xorg-x11-doc-6.8.2-1.FC3.13.x86_64.rpm f357a1344a59fea10207b7b49dd6003b x86_64/xorg-x11-Xdmx-6.8.2-1.FC3.13.x86_64.rpm 53e42bac132fb395ebea33994d70e53d x86_64/xorg-x11-Xnest-6.8.2-1.FC3.13.x86_64.rpm 72e0cbfba322f1e240685b361cf2537c x86_64/xorg-x11-tools-6.8.2-1.FC3.13.x86_64.rpm 2ce584c855b0f1cc1ac4db8780b25ae3 x86_64/xorg-x11-xauth-6.8.2-1.FC3.13.x86_64.rpm 546248e8a4c711e534b2c6fe5f5736ad x86_64/xorg-x11-Mesa-libGL-6.8.2-1.FC3.13.x86_64.rpm 07149a3e65259666f7364aa5e6ca36c2 x86_64/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.13.x86_64.rpm e119760d056fd141c22efb422c33bfd3 x86_64/xorg-x11-Xvfb-6.8.2-1.FC3.13.x86_64.rpm 5aa92c62145317639586854a7529e408 x86_64/xorg-x11-sdk-6.8.2-1.FC3.13.x86_64.rpm d42f17f76c9ff4171b7003ef2844ff46 x86_64/xorg-x11-devel-6.8.2-1.FC3.13.i386.rpm a1106b41ab938b60ae31a6030ce2ae69 x86_64/xorg-x11-libs-6.8.2-1.FC3.13.i386.rpm 1befcda39823dc6ff70be791f9ebe8fb x86_64/xorg-x11-deprecated-libs-6.8.2-1.FC3.13.i386.rpm 85a86b438f512a8f608a03a7d26c7ccb x86_64/xorg-x11-Mesa-libGL-6.8.2-1.FC3.13.i386.rpm ca913c4a6d5d06d5c3474a3da83b726c x86_64/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.13.i386.rpm a9589a414fd18a04c436549d622eb064 i386/xorg-x11-6.8.2-1.FC3.13.i386.rpm d42f17f76c9ff4171b7003ef2844ff46 i386/xorg-x11-devel-6.8.2-1.FC3.13.i386.rpm 9002eb404a7018c70306af2ac821aa30 i386/xorg-x11-deprecated-libs-devel-6.8.2-1.FC3.13.i386.rpm f99acd9ceb6cbfd2d57e2c7b31ce89ef i386/xorg-x11-font-utils-6.8.2-1.FC3.13.i386.rpm ed74e8cd8d2a360baf8daba04d14d409 i386/xorg-x11-xfs-6.8.2-1.FC3.13.i386.rpm 7f4fbd7f2eea4ebbe1e6e7c42215714c i386/xorg-x11-twm-6.8.2-1.FC3.13.i386.rpm 4582c9a5650832884660187eac3bb136 i386/xorg-x11-xdm-6.8.2-1.FC3.13.i386.rpm a1106b41ab938b60ae31a6030ce2ae69 i386/xorg-x11-libs-6.8.2-1.FC3.13.i386.rpm 1befcda39823dc6ff70be791f9ebe8fb i386/xorg-x11-deprecated-libs-6.8.2-1.FC3.13.i386.rpm 5169a66fe5a367a60b2635c4be98ab9b i386/xorg-x11-doc-6.8.2-1.FC3.13.i386.rpm 1af9bb7976c506df46967105053e9ef7 i386/xorg-x11-Xdmx-6.8.2-1.FC3.13.i386.rpm 80dca4903e83c67f2666fd8f56aef393 i386/xorg-x11-Xnest-6.8.2-1.FC3.13.i386.rpm 37f9361bd2b9b085375c4b9689b499e2 i386/xorg-x11-tools-6.8.2-1.FC3.13.i386.rpm 831a10dfe3e76c21b48e0a578a0542f4 i386/xorg-x11-xauth-6.8.2-1.FC3.13.i386.rpm 85a86b438f512a8f608a03a7d26c7ccb i386/xorg-x11-Mesa-libGL-6.8.2-1.FC3.13.i386.rpm ca913c4a6d5d06d5c3474a3da83b726c i386/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.13.i386.rpm 28c10ea5794c39d0d299ad317d0a6749 i386/xorg-x11-Xvfb-6.8.2-1.FC3.13.i386.rpm e91fd9c112fe3859abf46b336d2dc623 i386/xorg-x11-sdk-6.8.2-1.FC3.13.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 6 months

1
0
0 / 0

[SECURITY] Fedora Core 3 Update: krb5-1.3.6-5

by Nalin Dahyabhai

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-270 2005-03-29 --------------------------------------------------------------------- Product : Fedora Core 3 Name : krb5 Version : 1.3.6 Release : 5 Summary : The Kerberos network authentication system. Description : Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. --------------------------------------------------------------------- Update Information: Updated krb5 packages which fix two buffer overflow vulnerabilities in the included Kerberos-aware telnet client are now available. Kerberos is a networked authentication system which uses a trusted third party (a KDC) to authenticate clients and servers to each other. The krb5-workstation package includes a Kerberos-aware telnet client. Two buffer overflow flaws were discovered in the way the telnet client handles messages from a server. An attacker may be able to execute arbitrary code on a victim's machine if the victim can be tricked into connecting to a malicious telnet server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468 and CAN-2005-0469 to these issues. --------------------------------------------------------------------- * Mon Mar 28 2005 Nalin Dahyabhai <nalin(a)redhat.com> 1.3.6-5 - rebuild * Wed Mar 23 2005 Nalin Dahyabhai <nalin(a)redhat.com> 1.3.6-4 - drop krshd patch * Thu Mar 17 2005 Nalin Dahyabhai <nalin(a)redhat.com> - add draft fix from Tom Yu for slc_add_reply() buffer overflow (CAN-2005-0469) - add draft fix from Tom Yu for env_opt_add() buffer overflow (CAN-2005-0468) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 15bad9c44ba4da14de7d5527a02c1a90 SRPMS/krb5-1.3.6-5.src.rpm 41314d054ab13a935cd57466a99bb03e x86_64/krb5-devel-1.3.6-5.x86_64.rpm c99ffb83d090d156e59a0348e8162b6e x86_64/krb5-libs-1.3.6-5.x86_64.rpm 9ed53c214ae3b20aa8cb3a3f339b46ad x86_64/krb5-server-1.3.6-5.x86_64.rpm 1f03b24107cb22cfca368d59fb9c40ee x86_64/krb5-workstation-1.3.6-5.x86_64.rpm 0c354d4e12fcfe83c2cd6fbfb96abc16 x86_64/debug/krb5-debuginfo-1.3.6-5.x86_64.rpm f07344531de5e52ff9b5a0d20bdc91be x86_64/krb5-libs-1.3.6-5.i386.rpm 0af73edbe1464ecceaf3a30789c5d400 i386/krb5-devel-1.3.6-5.i386.rpm f07344531de5e52ff9b5a0d20bdc91be i386/krb5-libs-1.3.6-5.i386.rpm d737538d9eb42347efc297930f17241c i386/krb5-server-1.3.6-5.i386.rpm 92a3d0a3000bd0a78abcf11da80009ba i386/krb5-workstation-1.3.6-5.i386.rpm d8b1635e05c1b0bb6d76cb9f7a810d78 i386/debug/krb5-debuginfo-1.3.6-5.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 6 months

1
0
0 / 0

[SECURITY] Fedora Core 2 Update: krb5-1.3.6-4

by Nalin Dahyabhai

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-269 2005-03-29 --------------------------------------------------------------------- Product : Fedora Core 2 Name : krb5 Version : 1.3.6 Release : 4 Summary : The Kerberos network authentication system. Description : Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. --------------------------------------------------------------------- Update Information: Updated krb5 packages which fix two buffer overflow vulnerabilities in the included Kerberos-aware telnet client are now available. Kerberos is a networked authentication system which uses a trusted third party (a KDC) to authenticate clients and servers to each other. The krb5-workstation package includes a Kerberos-aware telnet client. Two buffer overflow flaws were discovered in the way the telnet client handles messages from a server. An attacker may be able to execute arbitrary code on a victim's machine if the victim can be tricked into connecting to a malicious telnet server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468 and CAN-2005-0469 to these issues. --------------------------------------------------------------------- * Wed Mar 23 2005 Nalin Dahyabhai <nalin(a)redhat.com> 1.3.6-4 - drop krshd patch * Thu Mar 17 2005 Nalin Dahyabhai <nalin(a)redhat.com> - add draft fix from Tom Yu for slc_add_reply() buffer overflow (CAN-2005-0469) - add draft fix from Tom Yu for env_opt_add() buffer overflow (CAN-2005-0468) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 3c210dbdcfb5f01a35f52632abbd3e58 SRPMS/krb5-1.3.6-4.src.rpm 2b4e4f7ffe208989572b173efa18c4b4 x86_64/krb5-devel-1.3.6-4.x86_64.rpm 67a3ffb77c8f92b235d503380ff54b32 x86_64/krb5-libs-1.3.6-4.x86_64.rpm 5d8e752002f27ca2ea7c8f40a6247b37 x86_64/krb5-server-1.3.6-4.x86_64.rpm b01504865b91a46e9f6dab345a939bf6 x86_64/krb5-workstation-1.3.6-4.x86_64.rpm 72def6a5e69a30e63ab071f581ad1729 x86_64/debug/krb5-debuginfo-1.3.6-4.x86_64.rpm 891e77b16aa127543976583a0b134464 x86_64/krb5-libs-1.3.6-4.i386.rpm e26b5c97144daa666babf9e01bc90b25 i386/krb5-devel-1.3.6-4.i386.rpm 891e77b16aa127543976583a0b134464 i386/krb5-libs-1.3.6-4.i386.rpm 16a523103910c903de48a8c2e33c6524 i386/krb5-server-1.3.6-4.i386.rpm f36537a81b6330e72c01de759196fb35 i386/krb5-workstation-1.3.6-4.i386.rpm 123d9371167ecbe81399b256ece22399 i386/debug/krb5-debuginfo-1.3.6-4.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 6 months

1
0
0 / 0

Fedora Core 3 Update: libaio-0.3.103-5

by Jeff Moyer

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sorry for the late announcement. - --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-147 2005-03-29 - --------------------------------------------------------------------- Product : Fedora Core 3 Name : libaio Version : 0.3.103 Release : 5 Summary : Linux-native asynchronous I/O access library Description : The Linux-native asynchronous I/O facility ("async I/O", or "aio") has a richer API and capability set than the simple POSIX async I/O facility. This library, libaio, provides the Linux-native API for async I/O. The POSIX async I/O facility requires this library in order to provide kernel-accelerated async I/O capabilities, as do applications which require the Linux-native async I/O API. - --------------------------------------------------------------------- Update Information: The SONAME for libaio was inadvertantly changed from libaio.so.1 to libaio.so.1.0.0. While applications linked with libaio.so.1 would still load, they would fail upon looking up a symbol in libaio. This also introduced an RPM dependency that could not be solved. Application RPMs which were built against the old package would not install as well. The solution for this was to revert the SONAME to its old value, and to provide a compat library for those packages that were built against the library with the wrong SONAME. - --------------------------------------------------------------------- * Mon Feb 14 2005 Jeff Moyer <jmoyer(a)redhat.com> - 0.3.103-5 - - Build the library twice. Once with the old SONAME and once with the new one. This fixes the wrong SONAME problem by keeping a library around with the wrong name (libaio.so.1.0.0) and generating a new one (libaio.so.1.0.1). - --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 502e9012e7fce64fc6fbbda218d96154 SRPMS/libaio-0.3.103-5.src.rpm 37bfedf308962c5643ee722856e1b535 x86_64/libaio-0.3.103-5.x86_64.rpm 56b059051f2665751f3b19a8aa84a1e2 x86_64/libaio-devel-0.3.103-5.x86_64.rpm 3636705da3d24f5061c9294098c0ac09 x86_64/debug/libaio-debuginfo-0.3.103-5.x86_64.rpm 9b65bc00d61e80fffbd0a95572a5c405 x86_64/libaio-0.3.103-5.i386.rpm 9b65bc00d61e80fffbd0a95572a5c405 i386/libaio-0.3.103-5.i386.rpm 6b123d9266b8ab2836157c7148e9cc49 i386/libaio-devel-0.3.103-5.i386.rpm ee6ef2f1183e1d957220ca3d62906f93 i386/debug/libaio-debuginfo-0.3.103-5.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. - --------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Processed by Mailcrypt 3.5.8 <http://mailcrypt.sourceforge.net/> iD8DBQFCSZNCH/inyh944bQRAhExAKC60ba1iwbK9pmPRXAoUIpfPIku1gCgphGi xmvVk8FkwV4BWbXDbUrEUe8= =83Y/ -----END PGP SIGNATURE-----

18 years, 6 months

1
0
0 / 0

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

announce March 2005